agenttesla | f0e7d80963f2b5add33ea9a6b000703b3564ce6d0258c2e1a19f9a21926a719b | Triage

Sharing

General

Target

f832e1f5953de2b3189a269affceb340N.exe
Size

1.4MB
Sample

240907-lyzevsyajq
MD5

f832e1f5953de2b3189a269affceb340
SHA1

15954571515f498539067d8239517db080797a1c
SHA256

f0e7d80963f2b5add33ea9a6b000703b3564ce6d0258c2e1a19f9a21926a719b
SHA512

8dab3df75283e72f06d955029d4620cd8776003a2f32dacf102241aba902cf5868c71161533b0be34031e7ca9f8d5ffcecc0dd0cb56d537997df53065e5d8d3b
SSDEEP

24576:PK5/WoEoYSWWc4WS2Bv0qQpxNUy/1xV4BONqWm9N+ZE3UIXwhM4s4go9tX7X:PK5rjxW14WBvLQbGc1xV4BOsWdawhjsy

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  f832e1f5953de2b3189a269affceb340N.exe
- Size
  
  1.4MB
- MD5
  
  f832e1f5953de2b3189a269affceb340
- SHA1
  
  15954571515f498539067d8239517db080797a1c
- SHA256
  
  f0e7d80963f2b5add33ea9a6b000703b3564ce6d0258c2e1a19f9a21926a719b
- SHA512
  
  8dab3df75283e72f06d955029d4620cd8776003a2f32dacf102241aba902cf5868c71161533b0be34031e7ca9f8d5ffcecc0dd0cb56d537997df53065e5d8d3b
- SSDEEP
  
  24576:PK5/WoEoYSWWc4WS2Bv0qQpxNUy/1xV4BONqWm9N+ZE3UIXwhM4s4go9tX7X:PK5rjxW14WBvLQbGc1xV4BOsWdawhjsy
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan