agenttesla | b81164598e70459709bba50dead99248d28e6d4dc0e0e5093fa28ad554c9694a | Triage

Sharing

General

Target

RFQ SN00954666 for prosjekt CMC 40 fot container.exe
Size

1.1MB
Sample

241004-kyb4wsvfql
MD5

6f372aad87d442dec0f25eafa57cd9f5
SHA1

5cb1f90381f86732a50431e75bf21ee045ddd5a1
SHA256

b81164598e70459709bba50dead99248d28e6d4dc0e0e5093fa28ad554c9694a
SHA512

627d8b92939349e48803cfcfa50e4efead10761b5444e6a69661fe37ff760f86683be02362e4706d62e7feaba3a093a207183f587b8f0a9d39ac93076be9b24b
SSDEEP

24576:ffmMv6Ckr7Mny5QLlYYwMil9A4Zd93j7Vd0044:f3v+7/5QLGYFib93jc07

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
bezelety.top
Port:
587
Username:
[email protected]
Password:
IxF(..bSed6k
Email To:
[email protected]

Targets

- Target
  
  RFQ SN00954666 for prosjekt CMC 40 fot container.exe
- Size
  
  1.1MB
- MD5
  
  6f372aad87d442dec0f25eafa57cd9f5
- SHA1
  
  5cb1f90381f86732a50431e75bf21ee045ddd5a1
- SHA256
  
  b81164598e70459709bba50dead99248d28e6d4dc0e0e5093fa28ad554c9694a
- SHA512
  
  627d8b92939349e48803cfcfa50e4efead10761b5444e6a69661fe37ff760f86683be02362e4706d62e7feaba3a093a207183f587b8f0a9d39ac93076be9b24b
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLlYYwMil9A4Zd93j7Vd0044:f3v+7/5QLGYFib93jc07
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan