agenttesla | b9abd391a632c6e7bae65458ffb3037bba08b14bcd21f541a9b0d3c4cf39a73b | Triage

Sharing

General

Target

vulnera+beta.zip
Size

35.7MB
Sample

240810-13zczs1aqm
MD5

a9ab5a02ad8769fcd438a2e851f5cbd2
SHA1

3d8801df6c7f7cd93a71e9b8abfd1e81e96b31d7
SHA256

b9abd391a632c6e7bae65458ffb3037bba08b14bcd21f541a9b0d3c4cf39a73b
SHA512

0c5e4f8d7c2939b4cc6e115c43487374f6d9dc18d03ffcafd6d8bd50c7df475e5769888288e242f850de87c5b2223b0418c532878d2fd860be27a38a05e0bd1d
SSDEEP

786432:CczD0TkKJPfVdZOua9hkPzALZkvNQNiHt9h:CGD0TkKlfVd8uMSASVaiHx

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  main.exe
- Size
  
  26.2MB
- MD5
  
  02b1096d7e249f4daa6edb4351b32f86
- SHA1
  
  460270050e1610ec8cf8a7469ab343887b13760f
- SHA256
  
  91808cef321a732963007a21fb71076f4ff15edeab1f32ae777fffa2abc6f3c7
- SHA512
  
  a1cb61767e5b30d0736076096e689f319facb1a0e2328ae745de116ea9afd2b97edb75941fb0c8b86b091845854d3a061194b8af801df208b6b6a3f6183b9dba
- SSDEEP
  
  393216:3j5XwUqdiF5rFnxvzxQbPoJenMNnLTOL2np999L9zo7VwVlrVx60zOvdiW8xy:J3rTTWeLTtnpT9ihwV3lSvdp8
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  vulnera beta.exe
- Size
  
  603KB
- MD5
  
  041a42c2661d8f6ca11b614124682a68
- SHA1
  
  266af69167eef9b92ef4a5214872403a72da3ea7
- SHA256
  
  a60271c570816431df925eb4f2190aa8586f150aba27bd2149d3aa978ab8f1ab
- SHA512
  
  b68908681f856c08754718a3084ce03e7626ea417921a8672c680e41bb60f42fe42e14d80b9a5150d88f759ff80f09bfffd6acca128330bd20511c81c1f90aab
- SSDEEP
  
  12288:O/rv2JItJItJICCEhGSy0bhGSy00jjjjjbTAzMtr8Vx/cdVcd:craCExyaxyFjjjjjGYr8j/cdVcd
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral4

agenttesladiscoverykeyloggerspywarestealertrojan