agenttesla | 3e2751cfc79ae740b27642b53685d4ccb5434aa989ba12de9ec291197c1adba5 | Triage

Sharing

General

Target

SolarPERM.exe
Size

2.4MB
Sample

240818-xayn7s1ejq
MD5

2309fef8e5e7d83e60689bc1ad2e9244
SHA1

cac2bc3275ab9fc51250ee95b87dc5b88322fb1c
SHA256

3e2751cfc79ae740b27642b53685d4ccb5434aa989ba12de9ec291197c1adba5
SHA512

bed489d52f7c52a8473cccdb9c90937630136ff998fbe398e3056ff7e598e45161816a8d9a74bbd86623e8741dc68a9778f66b6bf37c886c35572f991bf1576b
SSDEEP

49152:cY9/QTNw2PXITYbNbNWo4kSH3OqtwIfrgBWBKH8jkDVFCNXODzWS9HfX0H/G:ci/ExXIT4bNJFY3OqtY+KH4kpc+DX/0H

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  SolarPERM.exe
- Size
  
  2.4MB
- MD5
  
  2309fef8e5e7d83e60689bc1ad2e9244
- SHA1
  
  cac2bc3275ab9fc51250ee95b87dc5b88322fb1c
- SHA256
  
  3e2751cfc79ae740b27642b53685d4ccb5434aa989ba12de9ec291197c1adba5
- SHA512
  
  bed489d52f7c52a8473cccdb9c90937630136ff998fbe398e3056ff7e598e45161816a8d9a74bbd86623e8741dc68a9778f66b6bf37c886c35572f991bf1576b
- SSDEEP
  
  49152:cY9/QTNw2PXITYbNbNWo4kSH3OqtwIfrgBWBKH8jkDVFCNXODzWS9HfX0H/G:ci/ExXIT4bNJFY3OqtY+KH4kpc+DX/0H
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan