agenttesla | 5a0a36413c389c4a1dd98ba0544e39b456b082825bb21245f84c0beefef74ccc | Triage

Sharing

General

Target

5a0a36413c389c4a1dd98ba0544e39b456b082825bb21245f84c0beefef74ccc.exe
Size

77.0MB
Sample

241008-b3jj4asdqq
MD5

56b26dafc409e4a26b3cdff29655c634
SHA1

28218cdb90ed415758fa8432d85344f373f62665
SHA256

5a0a36413c389c4a1dd98ba0544e39b456b082825bb21245f84c0beefef74ccc
SHA512

6cec01314d39458c23859a85dbb51ea3f6b7c7dbb1a931a89f3a0112b31550700e8c1ec9f37a269cfa37814830d50d36d7d6070398f9605398b2ee5e39076229
SSDEEP

24576:ffmMv6Ckr7Mny5QLTRiUecmRoNOlwOjcFD:f3v+7/5QLTR3DOlw28

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
mail.flujoauditorias.cl
Port:
587
Username:
[email protected]
Password:
l;0jGu7J;z_a

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.flujoauditorias.cl
Port:
587
Username:
[email protected]
Password:
l;0jGu7J;z_a
Email To:
[email protected]

Targets

- Target
  
  5a0a36413c389c4a1dd98ba0544e39b456b082825bb21245f84c0beefef74ccc.exe
- Size
  
  77.0MB
- MD5
  
  56b26dafc409e4a26b3cdff29655c634
- SHA1
  
  28218cdb90ed415758fa8432d85344f373f62665
- SHA256
  
  5a0a36413c389c4a1dd98ba0544e39b456b082825bb21245f84c0beefef74ccc
- SHA512
  
  6cec01314d39458c23859a85dbb51ea3f6b7c7dbb1a931a89f3a0112b31550700e8c1ec9f37a269cfa37814830d50d36d7d6070398f9605398b2ee5e39076229
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLTRiUecmRoNOlwOjcFD:f3v+7/5QLTR3DOlw28
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan