agenttesla | 4eb8e15aa97acdc7599a949211b6ca85d6973fa0f8d8a739e4a6e617a29de673 | Triage

Submit
Reports

Overview

overview

Static

static

dgtm,.rar

windows7-x64

1

dgtm,.rar

windows10-1703-x64

dgtm,.rar

windows10-2004-x64

1

dgtm,.rar

windows11-21h2-x64

1

Sharing

General

Target

dgtm,.rar
Size

274.7MB
Sample

240721-vk4bbswape
MD5

96da0132b6b5edf11868e16e19ef821b
SHA1

d6f2a4817a393de1c3bd10bb5b9b9c2d633c0073
SHA256

4eb8e15aa97acdc7599a949211b6ca85d6973fa0f8d8a739e4a6e617a29de673
SHA512

6af89091a49a0ec9ea5ee138601acf972f9bfa9b191537d382acc3e8095da04d49ed4adad2506ec1fd7e7ab49eae6f5381b661f95b661b5540c858d6ec044d2e
SSDEEP

6291456:c57SksmgS2mHsvrIH+C0T/0Rmd8SkrVa9294VR+C0TCZ:c57SYbMb7td8TVaEJOZ

Score

10^/10

agenttesla spynote agilenet keylogger spyware stealer trojan

Static task

static1

agilenet agenttesla spynote

8 signatures

Behavioral task

behavioral1

Sample

dgtm,.rar

Resource

win7-20240704-en

windows7-x64

0 signatures

1800 seconds

Behavioral task

behavioral2

Sample

dgtm,.rar

Resource

win10-20240404-en

agenttesla keylogger spyware stealer trojan

windows10-1703-x64

10 signatures

1800 seconds

Behavioral task

behavioral3

Sample

dgtm,.rar

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

dgtm,.rar

Resource

win11-20240709-en

windows11-21h2-x64

0 signatures

1800 seconds

Malware Config

Extracted

Family

spynote

C2

1.tcp.sa.ngrok.io:21490

Targets

- Target
  
  dgtm,.rar
- Size
  
  274.7MB
- MD5
  
  96da0132b6b5edf11868e16e19ef821b
- SHA1
  
  d6f2a4817a393de1c3bd10bb5b9b9c2d633c0073
- SHA256
  
  4eb8e15aa97acdc7599a949211b6ca85d6973fa0f8d8a739e4a6e617a29de673
- SHA512
  
  6af89091a49a0ec9ea5ee138601acf972f9bfa9b191537d382acc3e8095da04d49ed4adad2506ec1fd7e7ab49eae6f5381b661f95b661b5540c858d6ec044d2e
- SSDEEP
  
  6291456:c57SksmgS2mHsvrIH+C0T/0Rmd8SkrVa9294VR+C0TCZ:c57SYbMb7td8TVaEJOZ
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

agilenetagentteslaspynote

behavioral1

behavioral2

agentteslakeyloggerspywarestealertrojan

behavioral3

behavioral4

© 2018-2024

Terms | Privacy