agenttesla

Sharing

Copy URL

Twitter E-mail

General

Target

magikremake.rar
Size

15.3MB
Sample

240902-qpkmkasbja
MD5

b08efa619b07842b51cfe9b2e8ddc510
SHA1

d0ecffd729713d180e17a6e22c9ffae17d619783
SHA256

4cc9f872ca745f98ff2755933aba8d84ca7233d53381799ba2e388c085664e6f
SHA512

61620d3618228a77b3cdecb3321ad3edd3e930697634d8ce89ef8966d95041ea31e29c11ef11b8de434fe292762494e3156100a91530981ac2aaedce28032774
SSDEEP

393216:y666+4LLq9EwVfAJOh34mZujhy/D+O/sJs3iT:RRq9d5AchImZBaSsEiT

Score

10^/10

Malware Config

Targets

- Target
  
  magik remake/WindowsFormsApp2/Form1.resx
- Size
  
  63KB
- MD5
  
  4ba6d21383af46d6f37e30f5a14d6c85
- SHA1
  
  152b65786d22ff95a9166ad364e49d092ce2f2f2
- SHA256
  
  556001018338e04b17f7975f6d501980dda584b649e613145a83f2859d4c0002
- SHA512
  
  798ab0cea2bfb5995aea3b5dcc82d690cedab8f8e10f753419cfdb8a07f401d4c54b890071ba374fe077560bce0e23ff4625826e35df2838f3552777e2c45e7c
- SSDEEP
  
  1536:Kj2v6uzC5MiU3/A4pY5MZz1iVDQjbHM3YmffqL6TfrQ/:Kj2V+51U3oqbi2bM3ZCm7+
Score

1^/10
behavioral1 behavioral2
- Target
  
  magik remake/WindowsFormsApp2/Form2.resx
- Size
  
  56KB
- MD5
  
  a94ad34991180003e15e5540723973a1
- SHA1
  
  d34b65f9e001a1081d6b50665dc24b64dd16b030
- SHA256
  
  ec9b6b816995beedd9a759d9d936873258cea83114e9617165f5567fb8119037
- SHA512
  
  7f8d5e36ab64372c9a4491e46fd9156117cb5cdaac2ac8735c34cc4455b672d1b9bf2c45964d99b6a14cd40a18483c4c4657eed5a05facb4e971aa372c24e004
- SSDEEP
  
  1536:Kj2v6CzC5MiU3/A4pY5MZz1iVdrBbH2aC:Kj2X+51U3oqbi7BbZC
Score

1^/10
behavioral3 behavioral4
- Target
  
  magik remake/WindowsFormsApp2/Form4.resx
- Size
  
  5KB
- MD5
  
  4eb5913a0e5aa842250f7419538fa230
- SHA1
  
  31fb76e5d9babe97a11fea041081f96ce426107a
- SHA256
  
  4363cd7d5b8671c72442ce1a1bfc10d64ebd24b2d718b54bd4fcd025e4967298
- SHA512
  
  846207f9db4c05d2070482c27af72c50b8f423ac1c7efb5266b059f6a41362704e9f5a590e428f4aefd791edd2e21c1b34473361911cbeea2cfcaf741b5bebff
- SSDEEP
  
  96:fijrkiK5k5LPXbac9m5Lv6FzSvd4gIRjETUT2+0qSdvabvDBwbjBu3FqvuFZ:KjrbLPD9sLvIzSvKgIqUyahFZ
Score

1^/10
behavioral5 behavioral6
- Target
  
  magik remake/WindowsFormsApp2/Properties/Resources.Designer.cs
- Size
  
  10KB
- MD5
  
  242dba7b47a307312429e2c541f529d3
- SHA1
  
  b183d290da34289476d9b86d9c0e2670eb7b130b
- SHA256
  
  163b4ad48ec6b59ee2f6868db89f44192ecd6c31d9c95dde9e689a7c04c07f0a
- SHA512
  
  e28149e6f402cdbe355de36026f2ecdc22053d4a9968679f93789667795c98d0ec8160f4af105bb336eb32f2816f14bd3f5b497bd41e6bc87f0477a8ba11ac3d
- SSDEEP
  
  192:qAqeY3M1heHV1e7q63zr6vzr6Tzr6Dzr65zr6fzr67zr63zr6Vzr6B5zr6Omzr6C:qAqQ1he11b63P6vP6TP6DP65P6fP67Pj
Score

1^/10
behavioral7 behavioral8
- Target
  
  magik remake/WindowsFormsApp2/Properties/Resources.resx
- Size
  
  10KB
- MD5
  
  00803eaf255836568b559f2cf36c81be
- SHA1
  
  1fddb9e5189f5af531ed0f54df03fc76fe080c7d
- SHA256
  
  44807f2849c3afa25663953edf03983ca51170e5aa66b09318615f0d40f82c5c
- SHA512
  
  0e251de18b04ef3599bd0577b5e441613c6ac8daf8910db846270055546f41f261379b58c8d51953098494d7af47e4fa64ca6b345c37f1afdfbd22694451894f
- SSDEEP
  
  192:KjrbLPD9sLvIzSvKgIqUyahF8zokwC1okwC/okwCcgokwC/okwCvokwC64okwCxj:KjrbLPxsLvASvKgwyahF8zokwC1okwCN
Score

1^/10
behavioral10 behavioral9
- Target
  
  magik remake/WindowsFormsApp2/bin/Debug/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c19e9e6a4bc1b668d19505a0437e7f7e
- SHA1
  
  73be712aef4baa6e9dabfc237b5c039f62a847fa
- SHA256
  
  9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
- SHA512
  
  b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
- SSDEEP
  
  49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score

1^/10
behavioral11 behavioral12
- Target
  
  magik remake/WindowsFormsApp2/bin/Debug/Siticone.UI.dll
- Size
  
  1.3MB
- MD5
  
  750c58af2e56b6addecffcf152520ab8
- SHA1
  
  14995e7f1d12498606d9d209d78d55fe6fd87802
- SHA256
  
  27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26
- SHA512
  
  2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5
- SSDEEP
  
  24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb
Score

1^/10
behavioral13 behavioral14
- Target
  
  magik remake/WindowsFormsApp2/bin/Debug/WindowsFormsApp2.exe
- Size
  
  536KB
- MD5
  
  f88ea789c822a82e5f566cd65316b5a6
- SHA1
  
  53fb60d98bc2ad5768917e97f640a585c292ff84
- SHA256
  
  4b0392d390904abdd3f4956e6da7639329cc272df6898d58816a52347e434321
- SHA512
  
  af8207482192786d2108a48038fca56fce0fb62694ebe8c4fe7b19224d98f7057833222e8f58a8e4af596f4e1bd60bb84501d045209561b542412cb32f22ea7b
- SSDEEP
  
  12288:letpme4Kz473/3cawyhgy8AzQB98PfjOA:ED6Y47PMmtqxA
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral15 behavioral16
- Target
  
  magik remake/WindowsFormsApp2/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll
- Size
  
  6KB
- MD5
  
  a255161777622025b92f2dd2cf13cf59
- SHA1
  
  382bcf412c1dd7f593f2f46a25e483e288e4bcf6
- SHA256
  
  41f7c8d5a9186b12413bbe44d5e4ed01d2c239642d87c7df3cdccc403d3e6bbc
- SHA512
  
  2ee9dd363efc39e7abe321690d8c800b3cc45c6bfe469bb3664272ebd4bd2bb7cc6eea9ab62a6b4c962a6848f72232db387301a17eaa41653698e43f0d44c74a
- SSDEEP
  
  48:6YmL6a6Zv72SqMREhBslOmMZcHOdB37w/CrdSVlTkvqVIZjT9GJDfm+4HH1Zi3Lm:Ixo7zqqe/9w6gidb+4nXWLMjjjuwop
Score

1^/10
behavioral17 behavioral18
- Target
  
  magik remake/WindowsFormsApp2/obj/Debug/WindowsFormsApp2.exe
- Size
  
  536KB
- MD5
  
  f88ea789c822a82e5f566cd65316b5a6
- SHA1
  
  53fb60d98bc2ad5768917e97f640a585c292ff84
- SHA256
  
  4b0392d390904abdd3f4956e6da7639329cc272df6898d58816a52347e434321
- SHA512
  
  af8207482192786d2108a48038fca56fce0fb62694ebe8c4fe7b19224d98f7057833222e8f58a8e4af596f4e1bd60bb84501d045209561b542412cb32f22ea7b
- SSDEEP
  
  12288:letpme4Kz473/3cawyhgy8AzQB98PfjOA:ED6Y47PMmtqxA
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  magik remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net40/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  70bbce41447ba33a3c7e8dc99d3e6175
- SHA1
  
  295ca6d304dbe2532b4ff27e283834ded38d78ef
- SHA256
  
  4a641ea243f6e8943cbad387e5730d9eb92ce4bcfd5d9d096a547927503e755e
- SHA512
  
  6ef6f383a2623ba16dba08fb31afd4e980981886653737274df84e5ffde322f560d1ffe71edd0829ea24461c5ea488bb92be751019b44c921bd919207e5fcdd2
- SSDEEP
  
  49152:HJE3dj2ZfrOQJarXvIwWQY6zlP46ATdeedHvYTKv1tZJCh+ajdV0n2w4FN:2dj2ZPY
Score

1^/10
behavioral21 behavioral22
- Target
  
  magik remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net45/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  df5dd00bfa6f9b477cbd59cbddb75a00
- SHA1
  
  efc2b30aa830444fa5159ff8df187a8e7b5b6ab5
- SHA256
  
  163a2aa94061d1ed03c19c41d9f18e0cbae3a8f71fe78a46ef332e5df39c8da5
- SHA512
  
  3d8405eef2f19e40358ed91069c295911f67aeaff7a440b98e01a9799e485526db9788aaed99e5e046c6755aa075b6de9a0991f99f553a3edf334748a77adf10
- SSDEEP
  
  49152:1BGZRDJCizd4UwKGU2pFumG5sx9YzhJY+9O5L9uuKOHHT58agrj7fsfnbDF17F3A:zmC17Fw
Score

1^/10
behavioral23 behavioral24
- Target
  
  magik remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net461/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c45dc8507846b8c233e13392da0927d4
- SHA1
  
  72565751c84fa66106a418ffbbb10b5cba1be8b9
- SHA256
  
  e3f560939287a7f7ad6458a16e11b735de3c5dc84e1f656db213685d36b4af74
- SHA512
  
  a1d47eee6e6e59ac9f5b1637548a611861b80e5b5c98cfabda787a35c404c323c78b4a7460a06605b7e3f30145cb0410862b937bac49ad4f4ca80d3cbb35567e
- SSDEEP
  
  49152:4KoOW5m269ypJMKS+yU85icqpQEgRjmuaNJMKYKLHJVpW/gyW1vV5aV1LLa03Pwp:4KnC13v
Score

1^/10
behavioral25 behavioral26
- Target
  
  magik remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net472/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c19e9e6a4bc1b668d19505a0437e7f7e
- SHA1
  
  73be712aef4baa6e9dabfc237b5c039f62a847fa
- SHA256
  
  9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
- SHA512
  
  b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
- SSDEEP
  
  49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score

1^/10
behavioral27 behavioral28
- Target
  
  magik remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net48/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c97f23b52087cfa97985f784ea83498f
- SHA1
  
  d364618bec9cd6f8f5d4c24d3cc0f4c1a8e06b89
- SHA256
  
  e658e8a5616245dbe655e194b59f1bb704aaeafbd0925d6eebbe70555a638cdd
- SHA512
  
  ecfa83596f99afde9758d1142ff8b510a090cba6f42ba6fda8ca5e0520b658943ad85829a07bf17411e26e58432b74f05356f7eaeb3949a8834faa5de1a4f512
- SSDEEP
  
  49152:cvrqKk8q2gqi2OXCt6kuSw9g8PTNTN/23uxjPHEiCAjFcm:cvrqZr
Score

1^/10
behavioral29 behavioral30
- Target
  
  magik remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net6.0-windows7.0/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  fc5aba3c395c5f9098cb8e2f78e17022
- SHA1
  
  217061a89757a1d6eb976ad48fb9c93a7a58edcb
- SHA256
  
  cad8bb34cf070c10e995ebdb60d9d1b4e206bc763183a8cdfb29e17ffa30dd10
- SHA512
  
  148b275edaccd403ee7dcb70e959b29a22ed1c5f61b674afb94af6e9e6b010bb0a7dd9e964d2811dff9c2642a49bb278cc1a838a4f384f5648470187ee83936d
- SSDEEP
  
  49152:YTTFBySg6etzcwp8fB0hXGErGn9lut4XrgF0:irG8farRo
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

AgentTesla payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32