agenttesla | 2b04ca0db9427df8711aba88c6263c2ab3639c54d4c6cd78ae5197b057041b03 | Triage

Sharing

General

Target

comet.exe
Size

1.2MB
Sample

240909-wnr8xa1hnm
MD5

01ebbbb0e2be2e83ee16356f9d0d0cf5
SHA1

1c21379e4deb3faecc927cdbd70f25f8f42c74d8
SHA256

2b04ca0db9427df8711aba88c6263c2ab3639c54d4c6cd78ae5197b057041b03
SHA512

3b68df217a9888b3313c7036d6ef1fb7b7986dd6a1621aa0b70654797d53e2c57982d9363c070ceef136034db710ebf901a03fb210fb4b036d5d557d68f5d5c0
SSDEEP

24576:I1NJjDBAOySOTQcPTAcySiDNpfVkqgfPyU8/oa8reuaDH40:InJjDaOyL70nS4pfVkqgy6r3aE

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  comet.exe
- Size
  
  1.2MB
- MD5
  
  01ebbbb0e2be2e83ee16356f9d0d0cf5
- SHA1
  
  1c21379e4deb3faecc927cdbd70f25f8f42c74d8
- SHA256
  
  2b04ca0db9427df8711aba88c6263c2ab3639c54d4c6cd78ae5197b057041b03
- SHA512
  
  3b68df217a9888b3313c7036d6ef1fb7b7986dd6a1621aa0b70654797d53e2c57982d9363c070ceef136034db710ebf901a03fb210fb4b036d5d557d68f5d5c0
- SSDEEP
  
  24576:I1NJjDBAOySOTQcPTAcySiDNpfVkqgfPyU8/oa8reuaDH40:InJjDaOyL70nS4pfVkqgy6r3aE
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan