agenttesla | 511278017075512404f3310619a23d2ca7c19a935cdd62c890a710569be3e822 | Triage

Sharing

General

Target

511278017075512404f3310619a23d2ca7c19a935cdd62c890a710569be3e822
Size

564KB
Sample

240904-dahs7svgpe
MD5

bd08d3f2ee9f2a6b39a6ec2000e7626e
SHA1

da4e6422c2e4d17e8f18503469160a434beacb70
SHA256

511278017075512404f3310619a23d2ca7c19a935cdd62c890a710569be3e822
SHA512

6b0b452d960d668f6f39dae498dab97d195f273df59384e2dd1ef9d761860433906c2f1d0d061285a2069fbe73d5194f619cf9242395ec41662d82f203b2ea71
SSDEEP

12288:HyVhZLyv1D3rMGXD5ejvLIISznIUXxrZxCUew6es5lgX9QdhQZx:H2hZi1D7MGXleTLMznBZwUPOlgX9UhQT

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  sspt.exe
- Size
  
  1.1MB
- MD5
  
  8f0e01c903d0cade8a1137375dc47e95
- SHA1
  
  b041125133c6b72d9f5aab16e4d06d00123158bd
- SHA256
  
  d7928afd0b6864968e44f9f0ee807991b3a620f30e57048863ba94a40f291caf
- SHA512
  
  82a6d0245102628c4cc3452e6c3aa05440d67b494190be7b6106ac129f6f15963bd91dd885b98a8c9783c746c7f21752899095fd3531893e37938b8795185213
- SSDEEP
  
  24576:0AHnh+eWsN3skA4RV1Hom2KXMmHaAy3F184eL45:Dh+ZkldoPK8YaAsK4d
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan