Overview

overview

10

Static

static

5

Statement ...24.exe

windows7-x64

10

Statement ...24.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    10cb2f45ed329d4e54ae3534fa7c84fae27380f36ce5704e708bd0e1eaa76d7a

  • Size

    596KB

  • Sample

    240906-y48a6swfmg

  • MD5

    ce0a578c0d539a181a644543fa14370d

  • SHA1

    dbfe61b26f3157ce1f054ca2c09f3e2fdb013920

  • SHA256

    10cb2f45ed329d4e54ae3534fa7c84fae27380f36ce5704e708bd0e1eaa76d7a

  • SHA512

    8338f5f9132aff30718217cc4e5c338367006754d3a6463b8de1a502054746cdf3092c32e30627b53a3d6b51babacb1fc1bdc4c01ba714b7dc2666db9a5351fb

  • SSDEEP

    12288:L4Fa5ch/Qw72X8cUvJapZcWjAiRhU/StZGnLAPPMfEmovCU3HD:EFa+ZAJU/StmLwPeEmyj

Score
10/10
agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

Targets

    • Target

      Statement of Account Due - August 31, 2024.exe

    • Size

      1019KB

    • MD5

      4bb066623fe7f3182d53a21741a4ecc7

    • SHA1

      f601da88b55d9a90c8a3cc9a820aec521224e9f9

    • SHA256

      d1c91f8b04e4dd8c499ab9c2dfc5a2471fcd783dc09d3f1b0afa98d246f213d8

    • SHA512

      eb930fff2d805d06028daa320afb854682bb53b1af8ee0c533d14733bdca8c62d2e113b1f84fbdfcc826218ab7400b53ab2ad22ebfe109c2c8a9701f5a98608a

    • SSDEEP

      24576:9AHnh+eWsN3skA4RV1Hom2KXMmHaBYt8BwH+YWRN5:ch+ZkldoPK8YaBYtT8

    Score
    10/10
    agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

      keyloggertrojanstealerspywareagenttesla

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks