agenttesla | 0477d366c3dce1723cf124fc263a85654b4454909dffcc0d325020f1187e4f34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0477d366c3dce1723cf124fc263a85654b4454909dffcc0d325020f1187e4f34.exe
Size

602KB
Sample

240608-jkr3hsbb69
MD5

b4b045a39da0b2d38940085d78d1ab14
SHA1

2678aa772b284a12488e7abdb5c9bab76a0bd9bf
SHA256

0477d366c3dce1723cf124fc263a85654b4454909dffcc0d325020f1187e4f34
SHA512

e2a13b0b7bfaf3c3a02672425de6a32d87e0a0cdb7c6439ba91bac53429d420ce602ac3654216add8ccf416ba58688388667233c2144941c07cfc318e8c35184
SSDEEP

12288:78ALbFN7nwPgrUd+N2qUouxL/8YpOrbW1wEW9XGGc5S0xquGjk+kJhDd:LLwIrw+oq9uxT8sOrbW1wEQXOS0RXd

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
cp8nl.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
7213575aceACE@#$
Email To:
[email protected]

Targets

- Target
  
  0477d366c3dce1723cf124fc263a85654b4454909dffcc0d325020f1187e4f34.exe
- Size
  
  602KB
- MD5
  
  b4b045a39da0b2d38940085d78d1ab14
- SHA1
  
  2678aa772b284a12488e7abdb5c9bab76a0bd9bf
- SHA256
  
  0477d366c3dce1723cf124fc263a85654b4454909dffcc0d325020f1187e4f34
- SHA512
  
  e2a13b0b7bfaf3c3a02672425de6a32d87e0a0cdb7c6439ba91bac53429d420ce602ac3654216add8ccf416ba58688388667233c2144941c07cfc318e8c35184
- SSDEEP
  
  12288:78ALbFN7nwPgrUd+N2qUouxL/8YpOrbW1wEW9XGGc5S0xquGjk+kJhDd:LLwIrw+oq9uxT8sOrbW1wEQXOS0RXd
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan