agenttesla | 13ca93f984b156e05041ddb9d172ddfd9b14456a243e432b1efbbe5f623b722e | Triage

Sharing

General

Target

13ca93f984b156e05041ddb9d172ddfd9b14456a243e432b1efbbe5f623b722e.exe
Size

1.5MB
Sample

240829-bj4e6awdpa
MD5

180ad8fe3294d5cbf1508f3576c70f1c
SHA1

831c8ef7b3efedae003526a87139e806c713ed24
SHA256

13ca93f984b156e05041ddb9d172ddfd9b14456a243e432b1efbbe5f623b722e
SHA512

d5a7ece40082978640d886b33729255c4b47a3bac6fac1973eb475599bf3c79795b2314dd4ae6c87685c56a0c9f9990a42a61d0ba9482be81489fae48900933c
SSDEEP

24576:qIgqdRkAM4OF+PMwrSVlbmfDYkhDvGtjXtGUAF9kJ7MqudghfEuCj0hThiHHxlhg:qIeMw6kbQlYSRUT7ofIlohsgm

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.iaa-airferight.com
Port:
587
Username:
[email protected]
Password:
webmaster
Email To:
[email protected]

Targets

- Target
  
  13ca93f984b156e05041ddb9d172ddfd9b14456a243e432b1efbbe5f623b722e.exe
- Size
  
  1.5MB
- MD5
  
  180ad8fe3294d5cbf1508f3576c70f1c
- SHA1
  
  831c8ef7b3efedae003526a87139e806c713ed24
- SHA256
  
  13ca93f984b156e05041ddb9d172ddfd9b14456a243e432b1efbbe5f623b722e
- SHA512
  
  d5a7ece40082978640d886b33729255c4b47a3bac6fac1973eb475599bf3c79795b2314dd4ae6c87685c56a0c9f9990a42a61d0ba9482be81489fae48900933c
- SSDEEP
  
  24576:qIgqdRkAM4OF+PMwrSVlbmfDYkhDvGtjXtGUAF9kJ7MqudghfEuCj0hThiHHxlhg:qIeMw6kbQlYSRUT7ofIlohsgm
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2