agenttesla | 1f3c2092e06e42ed7dd425ee68f826ad344bbacbde3dfd1cda112eb6af3a4627 | Triage

Sharing

General

Target

1f3c2092e06e42ed7dd425ee68f826ad344bbacbde3dfd1cda112eb6af3a4627.exe
Size

1.1MB
Sample

240824-be5gnaygqq
MD5

8f8ade5f96af5605f5bd2e8be188095a
SHA1

a6c5efc18679ce82b68a71de0ff9ad8cd7b613c9
SHA256

1f3c2092e06e42ed7dd425ee68f826ad344bbacbde3dfd1cda112eb6af3a4627
SHA512

dd96ce36e55a64528448a37381bc1c57f32722dd03b013b1475ec878fd9fac74837afb86d6e613d374e28b4c782c64d82adf0316afcbaff0f9832ce26825c783
SSDEEP

24576:bqDEvCTbMWu7rQYlBQcBiT6rprG8aOzcYR8Ar:bTvC/MTQYxsWR7aOzcYR

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  1f3c2092e06e42ed7dd425ee68f826ad344bbacbde3dfd1cda112eb6af3a4627.exe
- Size
  
  1.1MB
- MD5
  
  8f8ade5f96af5605f5bd2e8be188095a
- SHA1
  
  a6c5efc18679ce82b68a71de0ff9ad8cd7b613c9
- SHA256
  
  1f3c2092e06e42ed7dd425ee68f826ad344bbacbde3dfd1cda112eb6af3a4627
- SHA512
  
  dd96ce36e55a64528448a37381bc1c57f32722dd03b013b1475ec878fd9fac74837afb86d6e613d374e28b4c782c64d82adf0316afcbaff0f9832ce26825c783
- SSDEEP
  
  24576:bqDEvCTbMWu7rQYlBQcBiT6rprG8aOzcYR8Ar:bTvC/MTQYxsWR7aOzcYR
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan