agenttesla | 0ec0a3aa2c9962d49da036f470975acf1381392b7dd0f991255f0a23d759f119 | Triage

Sharing

General

Target

0ec0a3aa2c9962d49da036f470975acf1381392b7dd0f991255f0a23d759f119.exe
Size

1.1MB
Sample

240926-bgt4psxhqq
MD5

04bd328570a077fa407d68787942aa56
SHA1

47c576056a000919830ef511ee7a5c63ba3c5095
SHA256

0ec0a3aa2c9962d49da036f470975acf1381392b7dd0f991255f0a23d759f119
SHA512

f506d4739ea26ca09551f980c14fa371bd601e61e5cb9c8187f6e61cb024583570085378e028617caaaca130e81bc5f7e33e77fac3662ea0a8ee439fbe846c5d
SSDEEP

24576:uRmJkcoQricOIQxiZY1iaCyXqewWzxNjJzHR+y/v5IkHQy8O:7JZoQrbTFZY1iaCyXq4zLlFSkwyZ

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
cp8nl.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
@qwerty90123
Email To:
[email protected]

Targets

- Target
  
  0ec0a3aa2c9962d49da036f470975acf1381392b7dd0f991255f0a23d759f119.exe
- Size
  
  1.1MB
- MD5
  
  04bd328570a077fa407d68787942aa56
- SHA1
  
  47c576056a000919830ef511ee7a5c63ba3c5095
- SHA256
  
  0ec0a3aa2c9962d49da036f470975acf1381392b7dd0f991255f0a23d759f119
- SHA512
  
  f506d4739ea26ca09551f980c14fa371bd601e61e5cb9c8187f6e61cb024583570085378e028617caaaca130e81bc5f7e33e77fac3662ea0a8ee439fbe846c5d
- SSDEEP
  
  24576:uRmJkcoQricOIQxiZY1iaCyXqewWzxNjJzHR+y/v5IkHQy8O:7JZoQrbTFZY1iaCyXq4zLlFSkwyZ
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan