agenttesla | 655b0079f029668285cc5a8845838d795c05a8cd2bca7b72a20e5fe006e10b19 | Triage

Sharing

General

Target

09102024_0133_08102024_Facturas de pago 036002,538014,742901.xxe
Size

745KB
Sample

241009-byl5esygkm
MD5

a1e9c96496be51abba2540781bcf5474
SHA1

8b8ed6f0d982118d0d9a5f3cb1587f924a70140d
SHA256

655b0079f029668285cc5a8845838d795c05a8cd2bca7b72a20e5fe006e10b19
SHA512

c3dfb7c38125af5abf57e76ccb546ef2598ca21739afa3a4bccd324295b247f091db14688f79244c6d58df919e798da6b69ace3fb1b1c775929024f99aa3277d
SSDEEP

12288:apQumzeyc1584qalAMXcnStQ0sYs98qDDhLEcs+nTEcjPpIGWeKhUhNY7XrkCUSK:cQEv584qaF0S4YuWcs+nTJ7GGticYrrw

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
mail.flujoauditorias.cl
Port:
587
Username:
[email protected]
Password:
l;0jGu7J;z_a

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.flujoauditorias.cl
Port:
587
Username:
[email protected]
Password:
l;0jGu7J;z_a
Email To:
[email protected]

Targets

- Target
  
  Facturas de pago 036002,538014,742901.bat
- Size
  
  77.0MB
- MD5
  
  7f0b6fa70863e1f2f3744e4e50317aa9
- SHA1
  
  a99732d82fcfdfd079c48173d1b1953fcd97c017
- SHA256
  
  378270472210ac2aa5b8cb1ee82f88bd4923bf829916af8a2c450774246e982a
- SHA512
  
  cc319bade2e395d4db08d763abc022c75b0f4abb88f2fba0f040370528bbfae081d94bebd5571b7a2b9bfa02f89979c9e8d09cf184c2372eb737209f818c163b
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLNS76h/9LBzCV+Jcz8EWdYAaH8:f3v+7/5QLNm6xmV+Cz8Fo
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan