agenttesla | afe81af612a341f8a6b8a12e40f4241915cbe4831273bd5366e9b66c2cf9a3b1 | Triage

Sharing

General

Target

afe81af612a341f8a6b8a12e40f4241915cbe4831273bd5366e9b66c2cf9a3b1
Size

655KB
Sample

240522-cqssnshc81
MD5

853f3142e4608d3a46063e841e9e0020
SHA1

730074af2a736e09e8ed7c8109021af0f2d7f70f
SHA256

afe81af612a341f8a6b8a12e40f4241915cbe4831273bd5366e9b66c2cf9a3b1
SHA512

53b5a1202f8880005798217a9756e7774d6c6b2c2ba7be233aba089efa90a1f8651b1f77c5228ef7e7545df1372e616cbb9a723d656de4e2fea259ef32a7f8d0
SSDEEP

12288:fYvCvuqPUc+zB1HPfeyeiyQiTxZxXaiLCbVZNYeka9L7FahcT:/u5csBcQiTxZxXLCprYs7OcT

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
mail.visiontrade.ae
Port:
587
Username:
[email protected]
Password:
,,.Ishaq2021 ,,

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.visiontrade.ae
Port:
587
Username:
[email protected]
Password:
,,.Ishaq2021 ,,
Email To:
[email protected]

Targets

- Target
  
  afe81af612a341f8a6b8a12e40f4241915cbe4831273bd5366e9b66c2cf9a3b1
- Size
  
  655KB
- MD5
  
  853f3142e4608d3a46063e841e9e0020
- SHA1
  
  730074af2a736e09e8ed7c8109021af0f2d7f70f
- SHA256
  
  afe81af612a341f8a6b8a12e40f4241915cbe4831273bd5366e9b66c2cf9a3b1
- SHA512
  
  53b5a1202f8880005798217a9756e7774d6c6b2c2ba7be233aba089efa90a1f8651b1f77c5228ef7e7545df1372e616cbb9a723d656de4e2fea259ef32a7f8d0
- SSDEEP
  
  12288:fYvCvuqPUc+zB1HPfeyeiyQiTxZxXaiLCbVZNYeka9L7FahcT:/u5csBcQiTxZxXLCprYs7OcT
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan