agenttesla

Sharing

Copy URL

Twitter E-mail

General

Target

ub.gg perm remake.7z
Size

11.4MB
Sample

240906-s1bvxatgjj
MD5

e42ea61071fb07578309ca49b9c4a49f
SHA1

b6b233a2fbfa369d743900cc00f1414b6024c289
SHA256

34971b1343c4dce38f3d0ddb02e4fced4c30793154150b3b32c9476a275968ba
SHA512

8b6faf8f0cfc4bb00ca84b267b19d092569d401980c4cdb349e2d9dcbf42ffb72a56236e3bfad7af34f084c0ce678419731e215890b8fb81a117cdc05c5475c5
SSDEEP

196608:RzYXQGASvxUKjlQrnE0SaScnlQWW5JGgkmsyXQGbzvzVYD20o999EEpJyg5xjNk:dOCSvWKRQQ0tTW5JGgk2Ao7O20oLDJPu

Score

10^/10

Malware Config

Targets

- Target
  
  ub.gg perm remake/WindowsFormsApp2/Form1.resx
- Size
  
  65KB
- MD5
  
  5342dc9916378ffe6ea78ffc2fdbe130
- SHA1
  
  c975fdb23b11beeca44f24c34970e7b0d64b301a
- SHA256
  
  d4a3758ac6a7dddeb80a5194de7decc8bfb2297e420270e653b136c689c0d27a
- SHA512
  
  87fe5ea385216a925b8f1e5b978b7a1ceaf093a5d5a69b4eb8e9e0f15de5652158ac6e8d1d2ee6557391759bea4c4f15fd84d55e6210bd7a267a08e7aa2a5af2
- SSDEEP
  
  1536:Kj2v6NeG0ixxlCtK8sGYB04adqh/GQLxY3nCMnbO:Kj2GekxxeRsm4SwO3CMbO
Score

1^/10
behavioral1
- Target
  
  ub.gg perm remake/WindowsFormsApp2/Form2.resx
- Size
  
  6KB
- MD5
  
  6458025baccf147905e7d4d2f7d86b51
- SHA1
  
  3f9ab1434c6461e214a54f278e35abe92fb09ff4
- SHA256
  
  9bc31299654917169699eda55308cde4cdc8a1b9e2546e150c6be4c51f4237c9
- SHA512
  
  5cbbe05b85e31c33a916dd54ef497cb4fb4d72b0608e8d47f6621f77679a8211f7366b5394879da383a6a8e0611243d70c5d3ed7899321f60f5a2fa108008f23
- SSDEEP
  
  192:KjrbLPD9sLvIzSvKgIqUyahF0bawnsbaw02bawPJbawsR:KjrbLPxsLvASvKgwyahFSawnaaw0sawO
Score

1^/10
behavioral2
- Target
  
  ub.gg perm remake/WindowsFormsApp2/Form4.resx
- Size
  
  5KB
- MD5
  
  4eb5913a0e5aa842250f7419538fa230
- SHA1
  
  31fb76e5d9babe97a11fea041081f96ce426107a
- SHA256
  
  4363cd7d5b8671c72442ce1a1bfc10d64ebd24b2d718b54bd4fcd025e4967298
- SHA512
  
  846207f9db4c05d2070482c27af72c50b8f423ac1c7efb5266b059f6a41362704e9f5a590e428f4aefd791edd2e21c1b34473361911cbeea2cfcaf741b5bebff
- SSDEEP
  
  96:fijrkiK5k5LPXbac9m5Lv6FzSvd4gIRjETUT2+0qSdvabvDBwbjBu3FqvuFZ:KjrbLPD9sLvIzSvKgIqUyahFZ
Score

1^/10
behavioral3
- Target
  
  ub.gg perm remake/WindowsFormsApp2/Properties/Resources.Designer.cs
- Size
  
  10KB
- MD5
  
  242dba7b47a307312429e2c541f529d3
- SHA1
  
  b183d290da34289476d9b86d9c0e2670eb7b130b
- SHA256
  
  163b4ad48ec6b59ee2f6868db89f44192ecd6c31d9c95dde9e689a7c04c07f0a
- SHA512
  
  e28149e6f402cdbe355de36026f2ecdc22053d4a9968679f93789667795c98d0ec8160f4af105bb336eb32f2816f14bd3f5b497bd41e6bc87f0477a8ba11ac3d
- SSDEEP
  
  192:qAqeY3M1heHV1e7q63zr6vzr6Tzr6Dzr65zr6fzr67zr63zr6Vzr6B5zr6Omzr6C:qAqQ1he11b63P6vP6TP6DP65P6fP67Pj
Score

1^/10
behavioral4
- Target
  
  ub.gg perm remake/WindowsFormsApp2/Properties/Resources.resx
- Size
  
  10KB
- MD5
  
  00803eaf255836568b559f2cf36c81be
- SHA1
  
  1fddb9e5189f5af531ed0f54df03fc76fe080c7d
- SHA256
  
  44807f2849c3afa25663953edf03983ca51170e5aa66b09318615f0d40f82c5c
- SHA512
  
  0e251de18b04ef3599bd0577b5e441613c6ac8daf8910db846270055546f41f261379b58c8d51953098494d7af47e4fa64ca6b345c37f1afdfbd22694451894f
- SSDEEP
  
  192:KjrbLPD9sLvIzSvKgIqUyahF8zokwC1okwC/okwCcgokwC/okwCvokwC64okwCxj:KjrbLPxsLvASvKgwyahF8zokwC1okwCN
Score

1^/10
behavioral5
- Target
  
  ub.gg perm remake/WindowsFormsApp2/bin/Debug/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c19e9e6a4bc1b668d19505a0437e7f7e
- SHA1
  
  73be712aef4baa6e9dabfc237b5c039f62a847fa
- SHA256
  
  9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
- SHA512
  
  b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
- SSDEEP
  
  49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score

1^/10
behavioral6
- Target
  
  ub.gg perm remake/WindowsFormsApp2/bin/Debug/Siticone.UI.dll
- Size
  
  1.3MB
- MD5
  
  750c58af2e56b6addecffcf152520ab8
- SHA1
  
  14995e7f1d12498606d9d209d78d55fe6fd87802
- SHA256
  
  27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26
- SHA512
  
  2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5
- SSDEEP
  
  24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb
Score

1^/10
behavioral7
- Target
  
  ub.gg perm remake/WindowsFormsApp2/bin/Debug/WindowsFormsApp2.exe
- Size
  
  504KB
- MD5
  
  7e873ea844ca676ad0daaa3ab3ea18f0
- SHA1
  
  62a93ae492a92e2dbd079f7a6fc8ebfd2ffc64ee
- SHA256
  
  9d9a558671f4b14e8edf2b62c26db0535de697dc181f5954b9e648b7e007a513
- SHA512
  
  9c65c7476a60b6d8584b2d4c2c20a7038deac1b20ef51d335191364bed33eef0d74cfbf25e8f591fca5e763d299577557971354c9d5c795c6f53c2f6522a9848
- SSDEEP
  
  6144:R91wbsUCZ4cyL8IL6ZE14Doq3/3coFEwaPqfvhiCGhPQHhiA5Ju8FXO2kNk1y8Ua:RXi7z473/3cawyhgy8AzQB98PfjOA
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral8
- Target
  
  ub.gg perm remake/WindowsFormsApp2/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll
- Size
  
  6KB
- MD5
  
  a255161777622025b92f2dd2cf13cf59
- SHA1
  
  382bcf412c1dd7f593f2f46a25e483e288e4bcf6
- SHA256
  
  41f7c8d5a9186b12413bbe44d5e4ed01d2c239642d87c7df3cdccc403d3e6bbc
- SHA512
  
  2ee9dd363efc39e7abe321690d8c800b3cc45c6bfe469bb3664272ebd4bd2bb7cc6eea9ab62a6b4c962a6848f72232db387301a17eaa41653698e43f0d44c74a
- SSDEEP
  
  48:6YmL6a6Zv72SqMREhBslOmMZcHOdB37w/CrdSVlTkvqVIZjT9GJDfm+4HH1Zi3Lm:Ixo7zqqe/9w6gidb+4nXWLMjjjuwop
Score

1^/10
behavioral9
- Target
  
  ub.gg perm remake/WindowsFormsApp2/obj/Debug/WindowsFormsApp2.exe
- Size
  
  504KB
- MD5
  
  7e873ea844ca676ad0daaa3ab3ea18f0
- SHA1
  
  62a93ae492a92e2dbd079f7a6fc8ebfd2ffc64ee
- SHA256
  
  9d9a558671f4b14e8edf2b62c26db0535de697dc181f5954b9e648b7e007a513
- SHA512
  
  9c65c7476a60b6d8584b2d4c2c20a7038deac1b20ef51d335191364bed33eef0d74cfbf25e8f591fca5e763d299577557971354c9d5c795c6f53c2f6522a9848
- SSDEEP
  
  6144:R91wbsUCZ4cyL8IL6ZE14Doq3/3coFEwaPqfvhiCGhPQHhiA5Ju8FXO2kNk1y8Ua:RXi7z473/3cawyhgy8AzQB98PfjOA
Score

3^/10

discovery
behavioral10
- Target
  
  ub.gg perm remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net40/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  70bbce41447ba33a3c7e8dc99d3e6175
- SHA1
  
  295ca6d304dbe2532b4ff27e283834ded38d78ef
- SHA256
  
  4a641ea243f6e8943cbad387e5730d9eb92ce4bcfd5d9d096a547927503e755e
- SHA512
  
  6ef6f383a2623ba16dba08fb31afd4e980981886653737274df84e5ffde322f560d1ffe71edd0829ea24461c5ea488bb92be751019b44c921bd919207e5fcdd2
- SSDEEP
  
  49152:HJE3dj2ZfrOQJarXvIwWQY6zlP46ATdeedHvYTKv1tZJCh+ajdV0n2w4FN:2dj2ZPY
Score

1^/10
behavioral11
- Target
  
  ub.gg perm remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net45/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  df5dd00bfa6f9b477cbd59cbddb75a00
- SHA1
  
  efc2b30aa830444fa5159ff8df187a8e7b5b6ab5
- SHA256
  
  163a2aa94061d1ed03c19c41d9f18e0cbae3a8f71fe78a46ef332e5df39c8da5
- SHA512
  
  3d8405eef2f19e40358ed91069c295911f67aeaff7a440b98e01a9799e485526db9788aaed99e5e046c6755aa075b6de9a0991f99f553a3edf334748a77adf10
- SSDEEP
  
  49152:1BGZRDJCizd4UwKGU2pFumG5sx9YzhJY+9O5L9uuKOHHT58agrj7fsfnbDF17F3A:zmC17Fw
Score

1^/10
behavioral12
- Target
  
  ub.gg perm remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net461/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c45dc8507846b8c233e13392da0927d4
- SHA1
  
  72565751c84fa66106a418ffbbb10b5cba1be8b9
- SHA256
  
  e3f560939287a7f7ad6458a16e11b735de3c5dc84e1f656db213685d36b4af74
- SHA512
  
  a1d47eee6e6e59ac9f5b1637548a611861b80e5b5c98cfabda787a35c404c323c78b4a7460a06605b7e3f30145cb0410862b937bac49ad4f4ca80d3cbb35567e
- SSDEEP
  
  49152:4KoOW5m269ypJMKS+yU85icqpQEgRjmuaNJMKYKLHJVpW/gyW1vV5aV1LLa03Pwp:4KnC13v
Score

1^/10
behavioral13
- Target
  
  ub.gg perm remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net472/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c19e9e6a4bc1b668d19505a0437e7f7e
- SHA1
  
  73be712aef4baa6e9dabfc237b5c039f62a847fa
- SHA256
  
  9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
- SHA512
  
  b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
- SSDEEP
  
  49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score

1^/10
behavioral14
- Target
  
  ub.gg perm remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net48/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c97f23b52087cfa97985f784ea83498f
- SHA1
  
  d364618bec9cd6f8f5d4c24d3cc0f4c1a8e06b89
- SHA256
  
  e658e8a5616245dbe655e194b59f1bb704aaeafbd0925d6eebbe70555a638cdd
- SHA512
  
  ecfa83596f99afde9758d1142ff8b510a090cba6f42ba6fda8ca5e0520b658943ad85829a07bf17411e26e58432b74f05356f7eaeb3949a8834faa5de1a4f512
- SSDEEP
  
  49152:cvrqKk8q2gqi2OXCt6kuSw9g8PTNTN/23uxjPHEiCAjFcm:cvrqZr
Score

1^/10
behavioral15
- Target
  
  ub.gg perm remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net6.0-windows7.0/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  fc5aba3c395c5f9098cb8e2f78e17022
- SHA1
  
  217061a89757a1d6eb976ad48fb9c93a7a58edcb
- SHA256
  
  cad8bb34cf070c10e995ebdb60d9d1b4e206bc763183a8cdfb29e17ffa30dd10
- SHA512
  
  148b275edaccd403ee7dcb70e959b29a22ed1c5f61b674afb94af6e9e6b010bb0a7dd9e964d2811dff9c2642a49bb278cc1a838a4f384f5648470187ee83936d
- SSDEEP
  
  49152:YTTFBySg6etzcwp8fB0hXGErGn9lut4XrgF0:irG8farRo
Score

1^/10
behavioral16
- Target
  
  ub.gg perm remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/net7.0-windows7.0/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  b429ae86c5be521bc8ca3b164cec3acb
- SHA1
  
  387560073ff5a1f2191abc6f75fc34532bbb6dd2
- SHA256
  
  3ac70532408b89159bfe235d4ed228faa03ae3fbd63ec6a82d895f287a3b0579
- SHA512
  
  eae65de53da50708983ed8ebf9e1e3dd5f9aea95a354d272e199bb59517f62bfe35f0df7a37d81ab0423d0d6d29304fa70284c731bd54023e446b2c19bacafb1
- SSDEEP
  
  24576:DgWuftU4WrNOA6sM6kXxMfNmnjk/c5NrH0UUoo2QkJXVSItH5ppoO0KzJ6nFwHQL:DA+NOpXm1mnj0cP+DkhMAiawnFV
Score

1^/10
behavioral17
- Target
  
  ub.gg perm remake/packages/Guna.UI2.WinForms.2.0.4.6/lib/netcoreapp3.1/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  1ada83c7155d1c9e302af110b0024f70
- SHA1
  
  9574d6eea4d576fbc9bdcd3eb86dfa3b421fe05e
- SHA256
  
  dc2facf8e28798226555acbc3b8fb252b7d44b971ca05563b22fa000fde1eb79
- SHA512
  
  8236a3c14ca2960fffbf34ac9f1385426e2fde03de4028ce7674855f6f72dc35b1cf71e42fbf53799fe23584d4f6aff6760cbd39c921dd9253f36c69810db53d
- SSDEEP
  
  49152:sIMHP3dPYHRRagQ8fajJa0qRefV9J7r1V6TPKHnFnh2k6J/E:M18s7rv
Score

1^/10
behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

AgentTesla payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18