agenttesla | 402099326202da95a3c10fba47d836d6f9af2ce39f11e405da6027adcffb4480 | Triage

Sharing

General

Target

sspt.exe
Size

1.1MB
Sample

240905-brs96a1flb
MD5

00e6dc3e2c38c26ddb776056064457a3
SHA1

d131c45f75d38019fe257563b98a8747eabcec6a
SHA256

402099326202da95a3c10fba47d836d6f9af2ce39f11e405da6027adcffb4480
SHA512

23e8cb49f7381db19d14c7d244d7211dd1c6e021932113e05c5b1778add293989f9645760c89bbe3bdb61ea4c8cee8a48841682443e4885f444ab25900247596
SSDEEP

24576:0AHnh+eWsN3skA4RV1Hom2KXMmHa8wtbEc04/8Erp4i2P35:Dh+ZkldoPK8Ya80904F2R

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  sspt.exe
- Size
  
  1.1MB
- MD5
  
  00e6dc3e2c38c26ddb776056064457a3
- SHA1
  
  d131c45f75d38019fe257563b98a8747eabcec6a
- SHA256
  
  402099326202da95a3c10fba47d836d6f9af2ce39f11e405da6027adcffb4480
- SHA512
  
  23e8cb49f7381db19d14c7d244d7211dd1c6e021932113e05c5b1778add293989f9645760c89bbe3bdb61ea4c8cee8a48841682443e4885f444ab25900247596
- SSDEEP
  
  24576:0AHnh+eWsN3skA4RV1Hom2KXMmHa8wtbEc04/8Erp4i2P35:Dh+ZkldoPK8Ya80904F2R
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan