agenttesla | 782b86544af52d5305148dfdb61a8055090078efbed7a2a073058c970fcb3e5d | Triage

Sharing

General

Target

782b86544af52d5305148dfdb61a8055090078efbed7a2a073058c970fcb3e5d
Size

610KB
Sample

240523-bslayagd7x
MD5

83313ce4e9846836e9238791e84dc6d4
SHA1

8bbbb5f96885ce3592045d785ae39c6c0ffed00b
SHA256

782b86544af52d5305148dfdb61a8055090078efbed7a2a073058c970fcb3e5d
SHA512

27cbea7aca6e359ca96d56e4fc16f0a43f960bae957cdd6659e8133f445416ab60ec78cff7e532ed162c5f0c66c990a6bacec42576aa170adba14101b91f0f2b
SSDEEP

12288:eKwbq0NyhcJM31HLkpxyCfaP4TSioXolbvPFAEUO34U:haNUn31gvvPmUvdIO37

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.oripam.xyz
Port:
587
Username:
[email protected]
Password:
;KPp6ZU~hCyT
Email To:
[email protected]

Targets

- Target
  
  782b86544af52d5305148dfdb61a8055090078efbed7a2a073058c970fcb3e5d
- Size
  
  610KB
- MD5
  
  83313ce4e9846836e9238791e84dc6d4
- SHA1
  
  8bbbb5f96885ce3592045d785ae39c6c0ffed00b
- SHA256
  
  782b86544af52d5305148dfdb61a8055090078efbed7a2a073058c970fcb3e5d
- SHA512
  
  27cbea7aca6e359ca96d56e4fc16f0a43f960bae957cdd6659e8133f445416ab60ec78cff7e532ed162c5f0c66c990a6bacec42576aa170adba14101b91f0f2b
- SSDEEP
  
  12288:eKwbq0NyhcJM31HLkpxyCfaP4TSioXolbvPFAEUO34U:haNUn31gvvPmUvdIO37
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan