agenttesla | 9a323c393d62fde63bc9c66a9d8c6a5b9599e252d594a01ebcac9de8631992db | Triage

Sharing

General

Target

9a323c393d62fde63bc9c66a9d8c6a5b9599e252d594a01ebcac9de8631992db
Size

686KB
Sample

240523-c3p8baba57
MD5

8c33c4275350eedb15d4afdf7180754c
SHA1

3c87015abbb02fc46189f6a8dd09331b23f76e5b
SHA256

9a323c393d62fde63bc9c66a9d8c6a5b9599e252d594a01ebcac9de8631992db
SHA512

22a05c04ed8e75ec8ed478ed1b0a13777e175408e5e79e51f1a78e6022e6802b417c2430baec9f729c5417bd4f30b0dea89e1479aca269ff76d83915f6d98d33
SSDEEP

12288:Yn3x504bFWBhRgrUQepGF78CfIDzeooOD8ZFEjSutZh19bQT6E+N8D0B7sve/TTf:43w4bMhRgTL78Em8DEjSuZbQT6FKve/T

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.atlantegypt.com
Port:
587
Username:
[email protected]
Password:
OL11121314ol
Email To:
[email protected]

Targets

- Target
  
  9a323c393d62fde63bc9c66a9d8c6a5b9599e252d594a01ebcac9de8631992db
- Size
  
  686KB
- MD5
  
  8c33c4275350eedb15d4afdf7180754c
- SHA1
  
  3c87015abbb02fc46189f6a8dd09331b23f76e5b
- SHA256
  
  9a323c393d62fde63bc9c66a9d8c6a5b9599e252d594a01ebcac9de8631992db
- SHA512
  
  22a05c04ed8e75ec8ed478ed1b0a13777e175408e5e79e51f1a78e6022e6802b417c2430baec9f729c5417bd4f30b0dea89e1479aca269ff76d83915f6d98d33
- SSDEEP
  
  12288:Yn3x504bFWBhRgrUQepGF78CfIDzeooOD8ZFEjSutZh19bQT6E+N8D0B7sve/TTf:43w4bMhRgTL78Em8DEjSuZbQT6FKve/T
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan