agenttesla | 634efc8e0f7788ad2460bcf4d319b6a969f0e62134c85233606e9fc05652c8f4 | Triage

Sharing

General

Target

Yeniklasr3.zip
Size

4.7MB
Sample

240914-x9tjjasbmh
MD5

802488e08a0c15b47aa3afbb683ccbe3
SHA1

762366cda572ba8bb4b31d9b3543982412152b74
SHA256

634efc8e0f7788ad2460bcf4d319b6a969f0e62134c85233606e9fc05652c8f4
SHA512

ad6cbca1e335229ecf377d49856e1b3e23fac1d6900d76a682146876f126e41efa7e645138976fa2ad788c473d7167dd070f20ad7c08cc343ca01aaf63e35dc3
SSDEEP

98304:fyUZhzdw1zn/WngA5RDV/CZsaKB2KU0r4SU6SUy5fce1EWtuJFO7ssuiDBnH:fjTS1r/WngIv/8K4qokJFOfuiJH

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  Guna.UI2.dll
- Size
  
  1.9MB
- MD5
  
  a6c5c5d8f6a0e33f789c1c9c070a38d6
- SHA1
  
  f36efdf71e737c78e83d8d284ba03b5d5aff95f1
- SHA256
  
  cf423a447e5c1dc8bc0b84ef005e2e942fa149ba4f9caf7e2f12f672cad55385
- SHA512
  
  fd679781213be3b7ec6a39b2dacb2b96c356d4276e8b23995f243cbda88f56e311f2933244f50e50a27c72d664b67bb337ab0053c5e83fd934bbb67d6576a124
- SSDEEP
  
  24576:sdNsB5K6Piv+Xv45K/+GEg4f7bP1/Ud4hCC18Xow1Ajg/nsad4hTaV+jXlo0HQ/F:mLbe1Ajg/nsad4FaV+j
Score

1^/10
behavioral1 behavioral2
- Target
  
  Hunter.god.exe
- Size
  
  2.5MB
- MD5
  
  33b6286622fe7472aa5f52a825fad2cc
- SHA1
  
  9fd11e415d3f674e94282ce1b22387d386aaabf9
- SHA256
  
  6b0fd01ecbfd1f56101bb7998c88e7fa77f90252ca56c294b4d35406880ad9a8
- SHA512
  
  559bce1ae58659d00c83beb453fcd8fe857b1acf80f2affe62878f9efa4bab60874e982193dc94f85f1ffe5d25a5e3f693e31ecfc5689ef0899c5b3590cff178
- SSDEEP
  
  49152:f8dngwwHv5VbtHwtrgBWBKH8jkDVFCNXODzWS9HfX0H6+qR21rD:fkgNhVRwC+KH4kpc+DX/0H6+qRkH
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral3 behavioral4
- Target
  
  Siticone.Desktop.UI.dll
- Size
  
  4.0MB
- MD5
  
  1582aa45d981e0e569c6e05698642b30
- SHA1
  
  763506f312a186c55a04ef6a16ad7e867c394097
- SHA256
  
  21eecaf504b7fe787a45f4aa8f8f36dacfc3ab1d75624dfb41827cdef2a9a589
- SHA512
  
  278a7a4e2b9d82528200b9f92244db3f228187d15c36fd169deb927e343bc4d0bb29c9dba496f86558aea4f4deb44d1e47a41d5598c0b375d99ad9fbe99cec34
- SSDEEP
  
  24576:UCCxPAT4L7h3M7O2MLBSlvTh/aOBteUePU/DU/GHQYazK/DkWoql3zjbndHQ/jzb:WuO2MIThZNwewYDoyG
Score

1^/10
behavioral5 behavioral6
- Target
  
  Siticone.UI.dll
- Size
  
  1.3MB
- MD5
  
  2474124f9a70301411e5a42caa0225f6
- SHA1
  
  23c561479001148931601b14889d0c10c1420e85
- SHA256
  
  283346e95883d2c51743b725ecd41f2afd97adbbf86ec9d9735072505d5726b4
- SHA512
  
  a4c798779674fefde60b87cb7b57f1b7b723649189ce7f89e6993b1ee84e84c18eb5f97fce4a531fe8f361fa4ecda79e482f57f695b968e9543345cc40e321ff
- SSDEEP
  
  24576:RVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8g:H8NlaVeuHF
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

agentteslakeyloggerspywarestealertrojan

behavioral4

agentteslakeyloggerspywarestealertrojan

behavioral5

behavioral6

behavioral7

behavioral8