agenttesla | 5ab0a800b90cc3a30a244cb23bcd76e7f060f7512b5b28cac0906ccf1bee3a4f | Triage

Sharing

General

Target

Mairaj Cheats.rar
Size

1.5MB
Sample

240907-eqm9asvbjb
MD5

580eb0224a63931d73e0052e3fa9e22a
SHA1

fed6809cde35b315c3b08ff151fbdd97ed19f662
SHA256

5ab0a800b90cc3a30a244cb23bcd76e7f060f7512b5b28cac0906ccf1bee3a4f
SHA512

3cb33bff419537b628b295780b34ea3456c87d5b01b2f6e96e2b4e5c8a7baa7ca3d36f55f0545e90f9514051a14a952a9883861f7d454c0102352663224a76a6
SSDEEP

24576:i7VD/1SJR3K5VXbBD2W6CsOjn1CHk5JbgrHypRYPvX8ZEqTO0y+:K7IRWll6CZnKkbcHyIPvX8uyOG

Score

10^/10

agenttesla discovery evasion keylogger persistence spyware stealer trojan

Malware Config

Targets

- Target
  
  Mairaj Cheats.exe
- Size
  
  2.2MB
- MD5
  
  e3a6a32e263cc8b3746d8dcb1c75ad23
- SHA1
  
  3cdc54b5486d8269c97d538d0ecfe88a62385f4b
- SHA256
  
  3f3d8e681557a2c490b3c3eccc11f9ae78933ed96803d3fe608b0352451f24f9
- SHA512
  
  1d5b8c6486a78f372b3adf025ad6bef53ef332317916a02d012de27804732e2f306ab0a184382f10bb42119c2ed12a08611132ff2a33532c71268822edc5e9f6
- SSDEEP
  
  49152:LyXzpqHkFAjys7tNQJ/W2nn2ITYbNbNWo4kSH3OqtwITw+W7SC+hd:JHk2jysHjZIT4bNJFY3OqtYSd
Score

10^/10

agenttesla discovery evasion keylogger persistence spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Modifies visiblity of hidden/system files in Explorer
  evasion
- AgentTesla payload
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoveryevasionkeyloggerpersistencespywarestealertrojan