Overview

overview

10

Static

static

1

40rSbt.html

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    40rSbt

  • Size

    494B

  • Sample

    240904-qv56fs1cjq

  • MD5

    0d5e9552cb5767233c9c35f5382944ee

  • SHA1

    e6f947e89e0d839bbb0fdd5e368a386ce4e3a8e6

  • SHA256

    82552ffff92f9414b3c86d01fe3b33ac14adca0ac567e69712bf63755242f50c

  • SHA512

    4f371443a67b54aba32b8d3b7437a8aa3aa325fb8e1711d75ff6665419831bfec517d043bbfe66a67aeceb3c29c4578332cd67373843f0244f2cd655ef453847

Score
10/10
agenttesladiscoverykeyloggerspywarestealertrojan

Malware Config

Targets

    • Target

      40rSbt

    • Size

      494B

    • MD5

      0d5e9552cb5767233c9c35f5382944ee

    • SHA1

      e6f947e89e0d839bbb0fdd5e368a386ce4e3a8e6

    • SHA256

      82552ffff92f9414b3c86d01fe3b33ac14adca0ac567e69712bf63755242f50c

    • SHA512

      4f371443a67b54aba32b8d3b7437a8aa3aa325fb8e1711d75ff6665419831bfec517d043bbfe66a67aeceb3c29c4578332cd67373843f0244f2cd655ef453847

    Score
    10/10
    agenttesladiscoverykeyloggerspywarestealertrojan

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

      keyloggertrojanstealerspywareagenttesla

    • AgentTesla payload

    • Loads dropped DLL

    • Network Share Discovery

      Attempt to gather information on host network.

      discovery

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks