Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1275135282223775926/1280323890933010482/Stix_Free_Utility_Installer.exe?ex=66d7aa0a&is=66d6588a&hm=a7b019f6107733314fd8a09e0314260b79f1f8a8763c1ba146afc9e39f6c5bef&

  • Sample

    240903-pbnavsxdnh

Score
10/10
agenttesladiscoverykeyloggerspywarestealertrojan

Malware Config

Targets

    • Target

      https://cdn.discordapp.com/attachments/1275135282223775926/1280323890933010482/Stix_Free_Utility_Installer.exe?ex=66d7aa0a&is=66d6588a&hm=a7b019f6107733314fd8a09e0314260b79f1f8a8763c1ba146afc9e39f6c5bef&

    Score
    10/10
    agenttesladiscoverykeyloggerspywarestealertrojan

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

      keyloggertrojanstealerspywareagenttesla

    • AgentTesla payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks