agenttesla | cc1e686ceecf57a92414f5fa1328b2e48bd125ab6f44d830e2c3a36bbadcef84 | Triage

Sharing

General

Target

HAVOC-Injector.rar
Size

7.9MB
Sample

240829-fbjs1atgpe
MD5

4b79259e032752412071901215840765
SHA1

a6d287846316b456b999d738ed7b0070272663a0
SHA256

cc1e686ceecf57a92414f5fa1328b2e48bd125ab6f44d830e2c3a36bbadcef84
SHA512

ae75b7ca82b7801bdf12d543bcfc00dd4d7f2be3c567d1dc759781b284bdbd266a59cfdc5f3ab7365af3d25c012826909901aa9bbfe433bf31a3856904153a7d
SSDEEP

196608:rwMUc9+ycjGQOxpSvOnQq7panpCzgiavDn3snahj:r778ycjzIkOnQ0panAzTXne

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  Release/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c97f23b52087cfa97985f784ea83498f
- SHA1
  
  d364618bec9cd6f8f5d4c24d3cc0f4c1a8e06b89
- SHA256
  
  e658e8a5616245dbe655e194b59f1bb704aaeafbd0925d6eebbe70555a638cdd
- SHA512
  
  ecfa83596f99afde9758d1142ff8b510a090cba6f42ba6fda8ca5e0520b658943ad85829a07bf17411e26e58432b74f05356f7eaeb3949a8834faa5de1a4f512
- SSDEEP
  
  49152:cvrqKk8q2gqi2OXCt6kuSw9g8PTNTN/23uxjPHEiCAjFcm:cvrqZr
Score

1^/10
behavioral1 behavioral2
- Target
  
  Release/HAVOC-Injector.exe
- Size
  
  7.3MB
- MD5
  
  8c7749c7bad82ce89360100c85aade36
- SHA1
  
  c15469f1e1e670f526962a57d9da7dfb86f78fa4
- SHA256
  
  bd999cdb5d849091a18dca558820f2a81358d5287f8aacbb1ba2fe1219b75b17
- SHA512
  
  c8661b24823be7d25f0a979206c931e28e19d0e46861c49c0ba201ce6a7b86ef479a81457525a315663b48f4197000b17cc1aba40b4df47bebf13897e29b6f47
- SSDEEP
  
  196608:EC3xHVal0QebYVrIFWUT/TEZN7tRkaYQGaKYbzjqzKXi9mH4X:Dh1y0QXrIFWUEZrRzbzjBXi9Q4
Score

10^/10

discovery agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral3 behavioral4
- Target
  
  Release/HAVOC-Injector.exe.config
- Size
  
  800B
- MD5
  
  000cb5725d4b646156407000d142842e
- SHA1
  
  41b319da1ab7f96cf949616c63918a600c99753d
- SHA256
  
  fa1b5bbca4c0d952ee5277afcaf7bac499542e93be0250e0aedf8e2225e43129
- SHA512
  
  82d97b0775bd288d141b73d4eecbc160ca63fa776afe8d8ebbec3b64ca3da6be007db5b2e01ce416925af685ece58f0bc4f4e693ba331bb9c74d600d51e51e42
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Release/HAVOC-Injector.pdb
- Size
  
  41KB
- MD5
  
  cbf53b8bf93f3b8545c7c3fdc180b477
- SHA1
  
  3d45c3f55d0314c58d0bb798a8f6d62d8a8ab032
- SHA256
  
  105c0f5911e90fb31331003fa99a81391033c1c1c9b4df8b097cfbf0746ca394
- SHA512
  
  ae6e4faeb527ed7c227d8b046f9feb11d866efc909d81bcf6f55692b7b17e763d3ca529e3aa556c52e54d9ebc242262a41a6f3fa9cfe045cda8e1442bb0b74df
- SSDEEP
  
  384:91ce2ceHLcsJ0T0EZbNw4fr88EZbNzFc1wPVPZZpxRLcs3TlHE:91ce2ceHLcsKTzeRLcs3T
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

agentteslakeyloggerspywarestealertrojan

behavioral5

behavioral6

behavioral7

behavioral8