agenttesla | db6a0025a6b9a255427019326c28540193c00d671e7120473913bfc88650a614 | Triage

Sharing

General

Target

SPOOOFER.exe
Size

4.9MB
Sample

240829-hn58waycnb
MD5

a07e70b0b57df15c5a04d93da1de3f2b
SHA1

06359eb4062384660c06f01280bc9e025e46296f
SHA256

db6a0025a6b9a255427019326c28540193c00d671e7120473913bfc88650a614
SHA512

5b9b9f77dfa233650d4bd9cbd9ce03b39ae766cbe32df375e37139f3f3c3485a27a6428baf3ec1c333397d3b6dcb6e975676d73fb70e52582b287dc9391c20a7
SSDEEP

98304:ZXMxH6Fgv0E1olTMIpKF2MwjVLaDJIfiuvBvh2PEIdEHjvaQj2EtWU:6xHlj1UJbxaDJWNwPd0v

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  SPOOOFER.exe
- Size
  
  4.9MB
- MD5
  
  a07e70b0b57df15c5a04d93da1de3f2b
- SHA1
  
  06359eb4062384660c06f01280bc9e025e46296f
- SHA256
  
  db6a0025a6b9a255427019326c28540193c00d671e7120473913bfc88650a614
- SHA512
  
  5b9b9f77dfa233650d4bd9cbd9ce03b39ae766cbe32df375e37139f3f3c3485a27a6428baf3ec1c333397d3b6dcb6e975676d73fb70e52582b287dc9391c20a7
- SSDEEP
  
  98304:ZXMxH6Fgv0E1olTMIpKF2MwjVLaDJIfiuvBvh2PEIdEHjvaQj2EtWU:6xHlj1UJbxaDJWNwPd0v
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan