agenttesla | a43f7b6e00077f2f616818989678825bcda416ae225c552689f6379039dae9eb | Triage

Sharing

General

Target

a43f7b6e00077f2f616818989678825bcda416ae225c552689f6379039dae9eb
Size

1.2MB
Sample

240909-nha4favelm
MD5

bbb5aa99d87ee4d69443452ea1274281
SHA1

7be9b4f3d7a6226e44d35624decf934e6a5d0e0a
SHA256

a43f7b6e00077f2f616818989678825bcda416ae225c552689f6379039dae9eb
SHA512

15d5229f248685c443ca1b30ba6d340b3624f48b28f84e8e21700d7538730817243bb20a3cb2c29b77894b1df2e71509b9a68f3104a9a2c1be34a9314fab46ca
SSDEEP

24576:bqDEvCTbMWu7rQYlBQcBiT6rprG8aYkt1yadYeST2cJUT:bTvC/MTQYxsWR7aYkt/SyV

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.worlorderbillions.top
Port:
587
Username:
[email protected]
Password:
3^?r?mtxk(kt
Email To:
[email protected]

Targets

- Target
  
  a43f7b6e00077f2f616818989678825bcda416ae225c552689f6379039dae9eb
- Size
  
  1.2MB
- MD5
  
  bbb5aa99d87ee4d69443452ea1274281
- SHA1
  
  7be9b4f3d7a6226e44d35624decf934e6a5d0e0a
- SHA256
  
  a43f7b6e00077f2f616818989678825bcda416ae225c552689f6379039dae9eb
- SHA512
  
  15d5229f248685c443ca1b30ba6d340b3624f48b28f84e8e21700d7538730817243bb20a3cb2c29b77894b1df2e71509b9a68f3104a9a2c1be34a9314fab46ca
- SSDEEP
  
  24576:bqDEvCTbMWu7rQYlBQcBiT6rprG8aYkt1yadYeST2cJUT:bTvC/MTQYxsWR7aYkt/SyV
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan