agenttesla | 5405273431552857b6acb561b5eb6c7706fbc485bb41a34d6a8e189f3a7ee019 | Triage

Resubmissions

06/08/2024, 00:34

240806-awzr3atdnj 10

06/08/2024, 00:30

240806-ats7hatcrj 10

Sharing

Copy URL Twitter E-mail

General

Target

zip.zip
Size

1.9MB
Sample

240806-awzr3atdnj
MD5

50ddfb56c1fd2716a269303b42e114f7
SHA1

9029fd106abd0060a8726bf6ac6aed0e3b22bc7e
SHA256

5405273431552857b6acb561b5eb6c7706fbc485bb41a34d6a8e189f3a7ee019
SHA512

13031fdd6b06d611e614d9c397d0bc8373c139feb8deac507f64e10f27554c15d19d9856a305b5f45a19d1d2fc0576c76317c128ebd4a587aadbdf2a8a03919e
SSDEEP

49152:xo1SUuVFQ9cFpt9zhgisVyid7sMGt5SLJnHHhdXG/UxL1IU0ZEYh:mSUuFQ9cFpt9t6ThsM0QLRLXG8xJTG

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c19e9e6a4bc1b668d19505a0437e7f7e
- SHA1
  
  73be712aef4baa6e9dabfc237b5c039f62a847fa
- SHA256
  
  9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
- SHA512
  
  b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
- SSDEEP
  
  49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score

1^/10
behavioral1
- Target
  
  Siticone.Desktop.UI.dll
- Size
  
  2.4MB
- MD5
  
  4c2646035d103a4175c805b0356ff85c
- SHA1
  
  3ea3810af76b1fb0e03181ef56435734ed773c9f
- SHA256
  
  4e15f9275d91d9c0a4a82bec6587e0de9ba9ad86e79b991d2d406233af07f681
- SHA512
  
  6fe6556af323301a52c414094841e58922892572a40b92418615af5257b7d049e363c4b1c8b3a0aa2971c3a2b598d4b4199e71c9698f5c4864fc7415928f5c9b
- SSDEEP
  
  24576:VDaMDvme1hA55HBbTJv2wbrlm12oQ4XpHynf6xJKeLVHGpgkaZKCjuBhkFd51xcV:VOg0Pm12VfIfLV1k8jd5o7JIPnk
Score

1^/10
behavioral2
- Target
  
  cool animated background.exe
- Size
  
  178KB
- MD5
  
  97ef3efe0044d25c94a7958a75ee552a
- SHA1
  
  e8cd4eb7dd0f5f4bcbf3ddab0639241cf1b762d3
- SHA256
  
  8d43dd1a54d4ec36b0185cd1b424b4cfd4f8507b41197fc948a34907df2a45dc
- SHA512
  
  0d18c855015d1367e32e2128b4fc5750e18f5ea1ec7c667d1c805833eb2a7c9e7c65e1624ead5930f148f0f0b701f3b3ea3ceb4ff210a79c53447fae9444e51e
- SSDEEP
  
  3072:leZ1UR9qD7+Bx7+BKh+tG8U6o97+Bqh+tG8U6o97+BZ7+Bn:gFGxh+Y8U6+Hh+Y8U6+e
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

agenttesladiscoverykeyloggerspywarestealertrojan