agenttesla | ff9dbc074c9fedf0906cdebe94a4ec7b438df3528db6dc3a649c29bb4414c365 | Triage

Sharing

General

Target

ff9dbc074c9fedf0906cdebe94a4ec7b438df3528db6dc3a649c29bb4414c365.exe
Size

1.1MB
Sample

241017-c3y58ayakg
MD5

20cca14ff2ceb85d038b443b2aec939d
SHA1

568faf780223ea4a7a87b32c6b2c48306ca04537
SHA256

ff9dbc074c9fedf0906cdebe94a4ec7b438df3528db6dc3a649c29bb4414c365
SHA512

eba7c2797ff405a79bc1fdf0951c3e8738e7bde95860914c8b98d4ad508ebf0a567541ee14f9c05199687f1b604b955712d37eb43b0affd9d282a8aebe3b850b
SSDEEP

12288:ALkcoxg7v3qnC11ErwIhh0F4qwUgUny5Q2TYgYkwAyOIeHbJZpWVLmr9v1C0bW73:WfmMv6Ckr7Mny5Q206F7jWLEdqu8uc+e

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  ff9dbc074c9fedf0906cdebe94a4ec7b438df3528db6dc3a649c29bb4414c365.exe
- Size
  
  1.1MB
- MD5
  
  20cca14ff2ceb85d038b443b2aec939d
- SHA1
  
  568faf780223ea4a7a87b32c6b2c48306ca04537
- SHA256
  
  ff9dbc074c9fedf0906cdebe94a4ec7b438df3528db6dc3a649c29bb4414c365
- SHA512
  
  eba7c2797ff405a79bc1fdf0951c3e8738e7bde95860914c8b98d4ad508ebf0a567541ee14f9c05199687f1b604b955712d37eb43b0affd9d282a8aebe3b850b
- SSDEEP
  
  12288:ALkcoxg7v3qnC11ErwIhh0F4qwUgUny5Q2TYgYkwAyOIeHbJZpWVLmr9v1C0bW73:WfmMv6Ckr7Mny5Q206F7jWLEdqu8uc+e
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan