agenttesla | 8f62b902309193bf709b78264cb0711603c3082848a7032d719da37685525999 | Triage

Sharing

General

Target

03102024_1447_02102024_Facturas comerciales 022024.xxe
Size

763KB
Sample

241003-r5yd2athja
MD5

955a61980c2ccdbde8ab8a5b9f3ea78d
SHA1

0eb4961c8f816cad06520ba5d8ab14a2edd1f405
SHA256

8f62b902309193bf709b78264cb0711603c3082848a7032d719da37685525999
SHA512

325decfbcdcc6a71cc06c0a424e922bb50f782c37785abb1fbaa8a70604dc16c126888d018b1419bd3b51ad94180f128564de0d36b6f1ba1185a5d765dba75d9
SSDEEP

12288:1pQumzeyc1584qalAMXcnSt0DPiZN24l6SP+p72G5ZqqD52Ziwbb+rTxlSvMX/28:XQEv584qaF0SqPiZN76So7t5leiq+aMj

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
mail.flujoauditorias.cl
Port:
587
Username:
[email protected]
Password:
l;0jGu7J;z_a

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.flujoauditorias.cl
Port:
587
Username:
[email protected]
Password:
l;0jGu7J;z_a
Email To:
[email protected]

Targets

- Target
  
  Facturas comerciales 022024.bat
- Size
  
  77.0MB
- MD5
  
  f960fc5cc22d1f5814e1c81face5f7ec
- SHA1
  
  6199e3fd09f57ac433b789a451150e7fc4127237
- SHA256
  
  4088301bd65eae0fee42f3f12206b95c08b2e8763d91209a320b6d1d573a531d
- SHA512
  
  83f5f95924ce3afe5add36ecc389ee75c4a1c89c8686d80dede34faafc6c69fa722b3e5e003762b554cbe50a0e88d3870386671ff0a52e905f2dd9ae410e5fe3
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLEq3+q5dK619jWU48CR:f3v+7/5QLEq3+UK+Q
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan