agenttesla | 32488bb600a06c30e9fa5ff77b6fce07310ea9ff2b7ebeb7fb929ff2f5120cdd | Triage

Sharing

General

Target

7.exe
Size

1.2MB
Sample

240919-rzbyvatcne
MD5

7d87454a0adc0e17123092b4db4bdfc1
SHA1

f0bf2dd8975d37851d807a41fb0dc090dc50fb96
SHA256

32488bb600a06c30e9fa5ff77b6fce07310ea9ff2b7ebeb7fb929ff2f5120cdd
SHA512

389582abc97fe842a4261b79949954821c752cfb834250d0255bb74eff4b4e497a4f8149bdfd161b130b7a918f828e271aa43ccccddc6b876dbeefaa88c1d713
SSDEEP

24576:fRmJkcoQricOIQxiZY1iaoYtjXr10APD+zwRwTpXyKLTu:0JZoQrbTFZY1iaoS/qX4opX9u

Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
cp8nl.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
cy+G_(979n9N
Email To:
[email protected]

Targets

- Target
  
  7.exe
- Size
  
  1.2MB
- MD5
  
  7d87454a0adc0e17123092b4db4bdfc1
- SHA1
  
  f0bf2dd8975d37851d807a41fb0dc090dc50fb96
- SHA256
  
  32488bb600a06c30e9fa5ff77b6fce07310ea9ff2b7ebeb7fb929ff2f5120cdd
- SHA512
  
  389582abc97fe842a4261b79949954821c752cfb834250d0255bb74eff4b4e497a4f8149bdfd161b130b7a918f828e271aa43ccccddc6b876dbeefaa88c1d713
- SSDEEP
  
  24576:fRmJkcoQricOIQxiZY1iaoYtjXr10APD+zwRwTpXyKLTu:0JZoQrbTFZY1iaoS/qX4opX9u
Score

10^/10

agenttesla credential_access discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan