agenttesla | 8eb121e219115c5d99467b8ac770939023e779c61fda5b7c841e2bbd058020b3 | Triage

Sharing

General

Target

07092024023206092024FHT65609567TVS09760PFT09790979.PDF.7Z
Size

563KB
Sample

240907-j4ss6ateqq
MD5

8b9b0abb6155b02de65ebb7de80908ca
SHA1

1a864b52816c510b4e430d931fa25588c4535f63
SHA256

8eb121e219115c5d99467b8ac770939023e779c61fda5b7c841e2bbd058020b3
SHA512

5588c73b46017f9a5bfcc389c9ac5892d97453589a4abf41f931d1fb1e9a1f2e419a6b8e17811b22c4a8663e681707dd5cc56955733abf7f60f767a28b25a1f0
SSDEEP

12288:lxhkbPd2dJZlMzSq4sThgxn5sHXXEb1XyvL5+Uek1Gm/JGs8:lYPAdLlM+sThgx5s3URivt+Uek11Gd

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.worlorderbillions.top
Port:
587
Username:
[email protected]
Password:
vqpF.#;cCodu
Email To:
[email protected]

Targets

- Target
  
  FHT65609567-TVS09760-PFT09790979.PDF.exe
- Size
  
  1.0MB
- MD5
  
  7514b66e59d91dfdba219668bc757794
- SHA1
  
  26cb2ccbbef9427b0a3f7b306168aa6e6591f468
- SHA256
  
  f9a535ecbad3b5f46b22084b4ddb51cae2b85f632aeef1128c1875a14533b294
- SHA512
  
  0768de3169ab927bfe1f449710e896a2149726d492afcfbc35808e64b54c86d63a66825e399b27f64b7c8855346bfa833ffcd59851d078dc111c174ca37c5342
- SSDEEP
  
  24576:tAHnh+eWsN3skA4RV1Hom2KXMmHaHe+SHD7torKab5:Mh+ZkldoPK8YaHe+SHfid
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan