agenttesla | 1cddeed0c1401137abdc3c8198b336403beaaa8bdfde09f4151d6bf6e95d125f | Triage

Sharing

General

Target

mr.twinkie.exe
Size

1.7MB
Sample

240902-1r1rnsyhqa
MD5

29284de1e3aeb3b2a2cae836bace0d81
SHA1

593c1752ed4b4de5262b7d4b7049e512441742d8
SHA256

1cddeed0c1401137abdc3c8198b336403beaaa8bdfde09f4151d6bf6e95d125f
SHA512

a018bd97c25e266e339d3ac61042f682edd94a8188f3fa88100085ffbd3d82403402098e85abb769ed1930cedbbe2a5904d983190c47321b1d2a55b7832692bf
SSDEEP

49152:kEITYbNbNWo4kSH3OqtwIjkqXfd+/9AQDbRnaJCB:kEIT4bNJFY3OqtXkqXf0FtxQ

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  mr.twinkie.exe
- Size
  
  1.7MB
- MD5
  
  29284de1e3aeb3b2a2cae836bace0d81
- SHA1
  
  593c1752ed4b4de5262b7d4b7049e512441742d8
- SHA256
  
  1cddeed0c1401137abdc3c8198b336403beaaa8bdfde09f4151d6bf6e95d125f
- SHA512
  
  a018bd97c25e266e339d3ac61042f682edd94a8188f3fa88100085ffbd3d82403402098e85abb769ed1930cedbbe2a5904d983190c47321b1d2a55b7832692bf
- SSDEEP
  
  49152:kEITYbNbNWo4kSH3OqtwIjkqXfd+/9AQDbRnaJCB:kEIT4bNJFY3OqtXkqXf0FtxQ
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan