agenttesla | d07ef403a4d320147704c1e188dfa93e140ac148489d60ee564f710e2dcd7550 | Triage

Sharing

General

Target

d07ef403a4d320147704c1e188dfa93e140ac148489d60ee564f710e2dcd7550.exe
Size

1.2MB
Sample

240822-m2bzeatalc
MD5

468027ac859f0037a5687da041c8b071
SHA1

7b17f4aae3b8b53f9cfe70ccc5d54dce9666162b
SHA256

d07ef403a4d320147704c1e188dfa93e140ac148489d60ee564f710e2dcd7550
SHA512

d38ec16b0373f6bcc471dc2c2ae3daff64abaf2de0f8f97b3369a4769ed799946229c1874814047ec840a31ac0b78ddc3019573cf2e13588680e22153c879231
SSDEEP

24576:hqDEvCTbMWu7rQYlBQcBiT6rprG8af4FF4PJOZ/U4/Ct8f:hTvC/MTQYxsWR7af4jC

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  d07ef403a4d320147704c1e188dfa93e140ac148489d60ee564f710e2dcd7550.exe
- Size
  
  1.2MB
- MD5
  
  468027ac859f0037a5687da041c8b071
- SHA1
  
  7b17f4aae3b8b53f9cfe70ccc5d54dce9666162b
- SHA256
  
  d07ef403a4d320147704c1e188dfa93e140ac148489d60ee564f710e2dcd7550
- SHA512
  
  d38ec16b0373f6bcc471dc2c2ae3daff64abaf2de0f8f97b3369a4769ed799946229c1874814047ec840a31ac0b78ddc3019573cf2e13588680e22153c879231
- SSDEEP
  
  24576:hqDEvCTbMWu7rQYlBQcBiT6rprG8af4FF4PJOZ/U4/Ct8f:hTvC/MTQYxsWR7af4jC
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan