agenttesla | 4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8 | Triage

Sharing

General

Target

4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8
Size

615KB
Sample

240523-czex6sah34
MD5

c7e97f90711ca0b0513e4eebae0781f8
SHA1

1da9ccf6cbc0fc87bc82fa8aa75abd16681af324
SHA256

4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8
SHA512

01b90577bf7992733d90b53f46c086c51467f840b459b69475cd3fcb26f7f0c24d188261a22f4d28eb668c420d9fd4f4acbedc4e461c602012faf3d7add04016
SSDEEP

12288:cSHXKxbR9kjaX0ujKlppa4ji49B/WIGBdLuhv9/WqcLjb4Oa2Q:9HXK5wa6bpa4jJ2IsyhV/WqS1a1

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://files.000webhost.com
Port:
21
Username:
tain77
Password:
Computer@666

Targets

- Target
  
  4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8
- Size
  
  615KB
- MD5
  
  c7e97f90711ca0b0513e4eebae0781f8
- SHA1
  
  1da9ccf6cbc0fc87bc82fa8aa75abd16681af324
- SHA256
  
  4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8
- SHA512
  
  01b90577bf7992733d90b53f46c086c51467f840b459b69475cd3fcb26f7f0c24d188261a22f4d28eb668c420d9fd4f4acbedc4e461c602012faf3d7add04016
- SSDEEP
  
  12288:cSHXKxbR9kjaX0ujKlppa4ji49B/WIGBdLuhv9/WqcLjb4Oa2Q:9HXK5wa6bpa4jJ2IsyhV/WqS1a1
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan