agenttesla | 0368ab0f24763144b866c9894899858d8c493d13c3d9cb170edf4582adbf4514 | Triage

Sharing

General

Target

Zara+Perm_new.zip
Size

1.3MB
Sample

240916-jty77axajl
MD5

ff31dd46cc80d102852a370f4dc13aba
SHA1

e6644f9d9a87e59dca851fbdaeed3017a9901d95
SHA256

0368ab0f24763144b866c9894899858d8c493d13c3d9cb170edf4582adbf4514
SHA512

7b4fe8da1d901136a6cce97ad438e492bcd74aa9b24f760401df3a75f8e5a8cec395377a1ec7e06acfa32582ae18ebfc7ce0068debff679925d62f8137a4e05f
SSDEEP

24576:VxQRub/VUyYo233SqR57Ckd1J4xi/BQrN+CECdGkx2cka5rVmbHqakNOcEZ8flf8:VGRubKp3SqRVCkHJ4xCOG+h2cH5UHqhe

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  Bunifu.UI.WinForms.dll
- Size
  
  1.3MB
- MD5
  
  7bbf428fb683748a73594b9791a39f96
- SHA1
  
  341d30a12cbbd2e8c654fb1ddc382017ac83b2c2
- SHA256
  
  a870923034e7f135a4e34a3192c39fea8bf2f8f6a82e700b547101245e5f9de9
- SHA512
  
  1770ee20d88f83cfe343800a4dbc95eff0c9c253e2f42cd4d52baac959e1c8385c1c208610b10eeb96782283010ecc36d51ecce9bb815d3ee480024936327c58
- SSDEEP
  
  12288:FGixaz9472cwOIqgDGKyB0s2nCgtXcMrtObY18mdXQPGdc/Cs7R9LVyoasofOMKs:FFGdc/r/LjedWVhHc5zmr+udY/VrJ
Score

1^/10
behavioral1
- Target
  
  Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  278752062981db6fe27ba55f5099b8ae
- SHA1
  
  8446637986cf4a24e9135ee5c54f3170600e1e83
- SHA256
  
  538e6ca6001d609e251f88243409a2cbc9bc0517751843e76485a2c335e7829b
- SHA512
  
  142ff82ca90ca63a6a854e866615d742b585c102e8c4de5c773edeb1ac30c2cc2f6bcb190da394e4aadb4ef9518d194d99904463d6e952170d2924b16fcb00a5
- SSDEEP
  
  49152:PQNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckFjvkoEFB:PAhck1
Score

1^/10
behavioral2
- Target
  
  Lucky.exe
- Size
  
  73KB
- MD5
  
  6060c973b6b54b2056b923321fd38863
- SHA1
  
  87e4e3d5809d484004801c385172917edca5f4bf
- SHA256
  
  be05a8041e8d77bb4f791b3c1aa0fe4522fa7aeff07516025bbce0c4e5b129cb
- SHA512
  
  76486f0a76a9943f2ac3260f011319388659371c43599933f766c050c82f8ce2329d629067390a1b928ced96ef23605962d23f65a0354583b2a87d72b33b7750
- SSDEEP
  
  1536:aRQT4CM+vza9t1LuqlbeK2Iu3wNsS8W/1WDkB8l/qfyO:eQsDSO9fLucbeK2ISwSHy1WDkBSgyO
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

agenttesladiscoverykeyloggerspywarestealertrojan