agenttesla | b09487ea9dc5e977f6a82ac84bc160b390aee483ac3746180217872a0f535027 | Triage

Submit
Reports

Overview

overview

Static

static

XWorm V5.2...rd.zip

windows11-21h2-x64

Sharing

General

Target

XWorm V5.2 password.zip
Size

36.0MB
Sample

240502-xxxenaeb7w
MD5

2c9f6406bac263b5d4fade5e717fbf7f
SHA1

d8a34f676de186af9da32a7a85f8eda25592d407
SHA256

b09487ea9dc5e977f6a82ac84bc160b390aee483ac3746180217872a0f535027
SHA512

1e2f03b7c505ced0392b91ab84018066cc27a29eb00cbeccc305aade4bccd473d3ddb118699ddd400ac318eb08be2895e0975ab1b135cfce88726814d40a4809
SSDEEP

786432:bCxzHbV1gXPrCT0kw0SJg9by8U0/4h6vdA8ZMCFEb6un3LOnUZUiaG2JbS:cbMXPrCTvbSJaQ0/4hcb+LnbgUSiaG2c

Score

10^/10

agenttesla stormkitty agilenet keylogger pdf spyware stealer trojan

Static task

static1

pdf agilenet agenttesla stormkitty

8 signatures

Behavioral task

behavioral1

Sample

XWorm V5.2 password.zip

Resource

win11-20240419-en

agenttesla agilenet keylogger spyware stealer trojan

windows11-21h2-x64

11 signatures

600 seconds

Malware Config

Targets

- Target
  
  XWorm V5.2 password.zip
- Size
  
  36.0MB
- MD5
  
  2c9f6406bac263b5d4fade5e717fbf7f
- SHA1
  
  d8a34f676de186af9da32a7a85f8eda25592d407
- SHA256
  
  b09487ea9dc5e977f6a82ac84bc160b390aee483ac3746180217872a0f535027
- SHA512
  
  1e2f03b7c505ced0392b91ab84018066cc27a29eb00cbeccc305aade4bccd473d3ddb118699ddd400ac318eb08be2895e0975ab1b135cfce88726814d40a4809
- SSDEEP
  
  786432:bCxzHbV1gXPrCT0kw0SJg9by8U0/4h6vdA8ZMCFEb6un3LOnUZUiaG2JbS:cbMXPrCTvbSJaQ0/4hcb+LnbgUSiaG2c
Score

10^/10

agenttesla agilenet keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

pdfagilenetagentteslastormkitty

behavioral1

agentteslaagilenetkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy