agenttesla | c6dbba9d08f1533b2b39377203fef911edfb41d9c76c65b8c4bee30c1d5046c3 | Triage

Sharing

General

Target

df053873adad785cb818430491d168d0N.exe
Size

1.2MB
Sample

240905-fg1cyavale
MD5

df053873adad785cb818430491d168d0
SHA1

23b31b3e39db9516578ed11b00a9185d06eb6c34
SHA256

c6dbba9d08f1533b2b39377203fef911edfb41d9c76c65b8c4bee30c1d5046c3
SHA512

64b41a63984f2c1c174251b4fa31752d22fabada399b943469fef2fe71f6aa7ae61fc7bdeb17f58ede260cab9f792a2d9de84d943d3c4c2bb667e201353e85b2
SSDEEP

24576:oqDEvCTbMWu7rQYlBQcBiT6rprG8aPXrXOmpSnni6bwz4QUs:oTvC/MTQYxsWR7aP7XOmpN4

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  df053873adad785cb818430491d168d0N.exe
- Size
  
  1.2MB
- MD5
  
  df053873adad785cb818430491d168d0
- SHA1
  
  23b31b3e39db9516578ed11b00a9185d06eb6c34
- SHA256
  
  c6dbba9d08f1533b2b39377203fef911edfb41d9c76c65b8c4bee30c1d5046c3
- SHA512
  
  64b41a63984f2c1c174251b4fa31752d22fabada399b943469fef2fe71f6aa7ae61fc7bdeb17f58ede260cab9f792a2d9de84d943d3c4c2bb667e201353e85b2
- SSDEEP
  
  24576:oqDEvCTbMWu7rQYlBQcBiT6rprG8aPXrXOmpSnni6bwz4QUs:oTvC/MTQYxsWR7aP7XOmpN4
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan