agenttesla | 55dd72206a4adc304bcae93419f75ff9ff992724d13e92d4e7eaaa550ada4316 | Triage

Sharing

General

Target

55dd72206a4adc304bcae93419f75ff9ff992724d13e92d4e7eaaa550ada4316.exe
Size

1.1MB
Sample

240809-bl2dkstgjp
MD5

4be1b63d2643a2b99743b423cd5fe5e5
SHA1

b91887b2753547b6ca586540e9cd38b92ae6a3ab
SHA256

55dd72206a4adc304bcae93419f75ff9ff992724d13e92d4e7eaaa550ada4316
SHA512

e815f3e4c603d9afcf5c29503474e4a1edba8c794430d83824efaf78b5a03ff61e8320c24c758e67a7337375bedcb4190e513fdee780abd36403e2289ce9814e
SSDEEP

24576:nqDEvCTbMWu7rQYlBQcBiT6rprG8aWZDCxCeLG4eF:nTvC/MTQYxsWR7aWZCCeLG

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  55dd72206a4adc304bcae93419f75ff9ff992724d13e92d4e7eaaa550ada4316.exe
- Size
  
  1.1MB
- MD5
  
  4be1b63d2643a2b99743b423cd5fe5e5
- SHA1
  
  b91887b2753547b6ca586540e9cd38b92ae6a3ab
- SHA256
  
  55dd72206a4adc304bcae93419f75ff9ff992724d13e92d4e7eaaa550ada4316
- SHA512
  
  e815f3e4c603d9afcf5c29503474e4a1edba8c794430d83824efaf78b5a03ff61e8320c24c758e67a7337375bedcb4190e513fdee780abd36403e2289ce9814e
- SSDEEP
  
  24576:nqDEvCTbMWu7rQYlBQcBiT6rprG8aWZDCxCeLG4eF:nTvC/MTQYxsWR7aWZCCeLG
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan