agenttesla | 97166172d28554b6714cc2cc289bdc54d7c52ce7076d846241639c42a8163d13 | Triage

Sharing

General

Target

Phantom.exe
Size

2.7MB
Sample

240831-vzk4aswcra
MD5

a592acb4990281564a5a5190ce81e490
SHA1

4b1281fa5b4a4c055ab21293d60350d9078cc151
SHA256

97166172d28554b6714cc2cc289bdc54d7c52ce7076d846241639c42a8163d13
SHA512

20bf412e7ba35c7f0a83a4d9d69a72ec7bb84d1b2a1f961ecffbc733dfa8291c82ace7963d2b27bc578ba7674cb7ec4cb86d61da8dc03eb38bc0ae983285aaa9
SSDEEP

49152:VF4Im7P/Go4SkGMITYbNbNWo4kSH3OqtwIjkqXfd+/9AqAanV:VShP/GogGMIT4bNJFY3OqtXkqXf0FPAy

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  Phantom.exe
- Size
  
  2.7MB
- MD5
  
  a592acb4990281564a5a5190ce81e490
- SHA1
  
  4b1281fa5b4a4c055ab21293d60350d9078cc151
- SHA256
  
  97166172d28554b6714cc2cc289bdc54d7c52ce7076d846241639c42a8163d13
- SHA512
  
  20bf412e7ba35c7f0a83a4d9d69a72ec7bb84d1b2a1f961ecffbc733dfa8291c82ace7963d2b27bc578ba7674cb7ec4cb86d61da8dc03eb38bc0ae983285aaa9
- SSDEEP
  
  49152:VF4Im7P/Go4SkGMITYbNbNWo4kSH3OqtwIjkqXfd+/9AqAanV:VShP/GogGMIT4bNJFY3OqtXkqXf0FPAy
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan