agenttesla | 5fc07e38a7bcddcb8ff232ed1fd745770237510f66a60b3a9d71995000084cff | Triage

Sharing

General

Target

5fc07e38a7bcddcb8ff232ed1fd745770237510f66a60b3a9d71995000084cff
Size

305KB
Sample

241002-kj93da1anh
MD5

42737ecb50ef620fd54228e15f98efb4
SHA1

3a50bc5b575456774b7a7cbc0208e9aad6e5b210
SHA256

5fc07e38a7bcddcb8ff232ed1fd745770237510f66a60b3a9d71995000084cff
SHA512

8de4fd4ba618d2b354db29b3d651ed2e2e00d7a2af7cb89e868636ac8727bd332a38fde757f955030c9d55b5909991a1361aa5d38526bd40ecf1db146d2fbe4a
SSDEEP

6144:AWbtJthtBOoIhv3n/FecQB/laul5Ts0Ol:AItJthtBw/n9ecwTI0O

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
phoenixblowers.com
Port:
587
Username:
[email protected]
Password:
Officeback@2022#
Email To:
[email protected]

Targets

- Target
  
  5fc07e38a7bcddcb8ff232ed1fd745770237510f66a60b3a9d71995000084cff
- Size
  
  305KB
- MD5
  
  42737ecb50ef620fd54228e15f98efb4
- SHA1
  
  3a50bc5b575456774b7a7cbc0208e9aad6e5b210
- SHA256
  
  5fc07e38a7bcddcb8ff232ed1fd745770237510f66a60b3a9d71995000084cff
- SHA512
  
  8de4fd4ba618d2b354db29b3d651ed2e2e00d7a2af7cb89e868636ac8727bd332a38fde757f955030c9d55b5909991a1361aa5d38526bd40ecf1db146d2fbe4a
- SSDEEP
  
  6144:AWbtJthtBOoIhv3n/FecQB/laul5Ts0Ol:AItJthtBw/n9ecwTI0O
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan