agenttesla | 37038c1f73a5fe103d0f8f8cd7b15a032412dfb8d7f0e1a8373dc730b0eae3c4 | Triage

Sharing

General

Target

37038c1f73a5fe103d0f8f8cd7b15a032412dfb8d7f0e1a8373dc730b0eae3c4.rar
Size

845KB
Sample

240829-bq89zswgnb
MD5

2cfad4baab1419bd9c45e0209da28fd7
SHA1

43fe95136ad0f40fbeb15c69c992562babb53541
SHA256

37038c1f73a5fe103d0f8f8cd7b15a032412dfb8d7f0e1a8373dc730b0eae3c4
SHA512

8a293274005719ba315da343c668a5a6fae9313f22559b9b7433adbcd86ca491342827b41ba12792da6ea4274d751a224ac90661858196c8840573bf961ee43c
SSDEEP

24576:N17+7J0Ln7/wQAELwcEQQ8Yq149/QVFHjjoHyC:NtoInjwhAwhQimFHjPC

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.iaa-airferight.com
Port:
587
Username:
[email protected]
Password:
webmaster
Email To:
[email protected]

Targets

- Target
  
  New order.exe
- Size
  
  1.5MB
- MD5
  
  180ad8fe3294d5cbf1508f3576c70f1c
- SHA1
  
  831c8ef7b3efedae003526a87139e806c713ed24
- SHA256
  
  13ca93f984b156e05041ddb9d172ddfd9b14456a243e432b1efbbe5f623b722e
- SHA512
  
  d5a7ece40082978640d886b33729255c4b47a3bac6fac1973eb475599bf3c79795b2314dd4ae6c87685c56a0c9f9990a42a61d0ba9482be81489fae48900933c
- SSDEEP
  
  24576:qIgqdRkAM4OF+PMwrSVlbmfDYkhDvGtjXtGUAF9kJ7MqudghfEuCj0hThiHHxlhg:qIeMw6kbQlYSRUT7ofIlohsgm
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2