agenttesla | 5ba9b6eaf879bdc0ad1c7e4c350dbe4716bf6820c446ad70a77a4ba5a3464cec | Triage

Sharing

General

Target

5ba9b6eaf879bdc0ad1c7e4c350dbe4716bf6820c446ad70a77a4ba5a3464cec
Size

256KB
Sample

241016-bg7pssygrj
MD5

aefce6f0e7d943d6571512aaecd187a9
SHA1

d1e717a8d371db4293e8b2b9ac9fec087491ec29
SHA256

5ba9b6eaf879bdc0ad1c7e4c350dbe4716bf6820c446ad70a77a4ba5a3464cec
SHA512

5a4b38860981b37cdf6e2287060800a564fae8abab8cc302573946294fa079646fbe5e33a7e093dadf0562b358814935e99c175bc00e4886fdb7634c8c2ab9d0
SSDEEP

3072:jfucCwxx9GRtB1R3UT4PqDVcksL2p9kJP95AuoHNouFNfm/Em25Pvu7NBQ:rwyxIRtB1R3UoMVGJLr0NfhmYux

Score

10^/10

agenttesla discovery

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.haliza.com.my
Port:
21
Username:
[email protected]
Password:
JesusChrist007$

Targets

- Target
  
  5ba9b6eaf879bdc0ad1c7e4c350dbe4716bf6820c446ad70a77a4ba5a3464cec
- Size
  
  256KB
- MD5
  
  aefce6f0e7d943d6571512aaecd187a9
- SHA1
  
  d1e717a8d371db4293e8b2b9ac9fec087491ec29
- SHA256
  
  5ba9b6eaf879bdc0ad1c7e4c350dbe4716bf6820c446ad70a77a4ba5a3464cec
- SHA512
  
  5a4b38860981b37cdf6e2287060800a564fae8abab8cc302573946294fa079646fbe5e33a7e093dadf0562b358814935e99c175bc00e4886fdb7634c8c2ab9d0
- SSDEEP
  
  3072:jfucCwxx9GRtB1R3UT4PqDVcksL2p9kJP95AuoHNouFNfm/Em25Pvu7NBQ:rwyxIRtB1R3UoMVGJLr0NfhmYux
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2