agenttesla | de0835ddd38f1bfb66bf108e54e290edddc9b53505582cac2ea115d9617070e8 | Triage

Sharing

General

Target

de0835ddd38f1bfb66bf108e54e290edddc9b53505582cac2ea115d9617070e8
Size

823KB
Sample

240919-b32exathpe
MD5

5a82039215cbe0a0259ba6722d9fcaac
SHA1

96bcd6b87298f28041539300cb5b11b65d56b3a6
SHA256

de0835ddd38f1bfb66bf108e54e290edddc9b53505582cac2ea115d9617070e8
SHA512

1fee4ac86ff117bccf58fe4d8683d0e7d822c6155e6ab8612bf988fda3354c27e5897e12d5e8b6593f0ebd8aa0d5fb9a082fcfb4e6a0eafb1ca21b727b8000b4
SSDEEP

12288:9O5fOOk5j+gm3tOYAVzgWQIXGxZE74InS6x4q1f968P8btygvb2ISQf:cjdODVzXBXaEMqKqP8rT7xf

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  27.exe
- Size
  
  1.2MB
- MD5
  
  89650dc6800553f58cee7c1471ecd97d
- SHA1
  
  78443bb7a6826781f2f414783c248e08f2893cdc
- SHA256
  
  a6321a072d7fe8790f12f68fdb8c2e6fd91b212233fd3c98b9169d6b48ed15e2
- SHA512
  
  1f7f41bf0c239c43f3d447eaeeeae3044bee6d11d39a0eebc3e260021bbdd88b67ed7fa3c3999b729228559e4ff9f8b282a9d00fd07c3ff682cb0c0c9c102ed2
- SSDEEP
  
  24576:pRmJkcoQricOIQxiZY1iaJQ5Q7b7M1q/jQNoxGZo9sH4pMGNJzguYuJWT:mJZoQrbTFZY1iaJQ5Qo1+eo9v/fzRJm
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan