agenttesla | 430a1054ae9182da23af11659b77753d464e838569616964355356965cf38a03 | Triage

Sharing

General

Target

430a1054ae9182da23af11659b77753d464e838569616964355356965cf38a03
Size

1.0MB
Sample

240829-spegnazgmq
MD5

78a25e848e38bd9fe2ea439f53bfff86
SHA1

2320ec89cc3569c877a31cc0c340bad525a4a014
SHA256

430a1054ae9182da23af11659b77753d464e838569616964355356965cf38a03
SHA512

ea33ea4329ed62125e33aae2730f3257d173a4f195e007e662e2438d74b596d7f0683b62a24ac3beb7566c7584dcf676676b9dd43b734e8b796610a927f10900
SSDEEP

12288:Otb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaOTfk9WejZVqV+K8ma6:Otb20pkaCqT5TBWgNQ7a2fkEQtTma6A

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://backup.smartape.ru
Port:
21
Username:
user894492
Password:
w6NZOdcSkH1a

Targets

- Target
  
  430a1054ae9182da23af11659b77753d464e838569616964355356965cf38a03
- Size
  
  1.0MB
- MD5
  
  78a25e848e38bd9fe2ea439f53bfff86
- SHA1
  
  2320ec89cc3569c877a31cc0c340bad525a4a014
- SHA256
  
  430a1054ae9182da23af11659b77753d464e838569616964355356965cf38a03
- SHA512
  
  ea33ea4329ed62125e33aae2730f3257d173a4f195e007e662e2438d74b596d7f0683b62a24ac3beb7566c7584dcf676676b9dd43b734e8b796610a927f10900
- SSDEEP
  
  12288:Otb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaOTfk9WejZVqV+K8ma6:Otb20pkaCqT5TBWgNQ7a2fkEQtTma6A
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2