agenttesla | 1dbe374c6c753a47e06ea8a5b3e9241eee7ec31d0b81b2764cf7105c3300be1b | Triage

Sharing

General

Target

1dbe374c6c753a47e06ea8a5b3e9241eee7ec31d0b81b2764cf7105c3300be1b
Size

658KB
Sample

240522-cls8mshb8x
MD5

18c5fc41e92b862a2771cf3186b40d73
SHA1

58ae3ac6fab06f9b4be827fd2cec525ee5ca24c1
SHA256

1dbe374c6c753a47e06ea8a5b3e9241eee7ec31d0b81b2764cf7105c3300be1b
SHA512

bbf8adcf9fa73274203f8c06a86aaf874bf948e0ad29dd10cde5797e615227613333b13538a5d2e77e1aa23d18e2d980fbba75d92ba6f94c7d540da908518629
SSDEEP

12288:JlYifTfO6AoN0P/hqszanaC5JgJ0mCuFLTYdyhrN6hFc0eBiVEmSbfrZYFDV:EirO6Aofs2oJ6WDZNCFc0esVZSvw

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
srv.masternic.net
Port:
587
Username:
[email protected]
Password:
-H{2Szxi!%qb
Email To:
[email protected]

Targets

- Target
  
  1dbe374c6c753a47e06ea8a5b3e9241eee7ec31d0b81b2764cf7105c3300be1b
- Size
  
  658KB
- MD5
  
  18c5fc41e92b862a2771cf3186b40d73
- SHA1
  
  58ae3ac6fab06f9b4be827fd2cec525ee5ca24c1
- SHA256
  
  1dbe374c6c753a47e06ea8a5b3e9241eee7ec31d0b81b2764cf7105c3300be1b
- SHA512
  
  bbf8adcf9fa73274203f8c06a86aaf874bf948e0ad29dd10cde5797e615227613333b13538a5d2e77e1aa23d18e2d980fbba75d92ba6f94c7d540da908518629
- SSDEEP
  
  12288:JlYifTfO6AoN0P/hqszanaC5JgJ0mCuFLTYdyhrN6hFc0eBiVEmSbfrZYFDV:EirO6Aofs2oJ6WDZNCFc0esVZSvw
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan