agenttesla | f4d3b11ce22d094a317e26e3179efc46d9b3b916fc2a71ddacbcd3fcf4d9e1a7 | Triage

Submit
Reports

Overview

overview

Static

static

5

MX-6240N_2...24.exe

windows7-x64

MX-6240N_2...24.exe

windows10-2004-x64

Sharing

General

Target

f4d3b11ce22d094a317e26e3179efc46d9b3b916fc2a71ddacbcd3fcf4d9e1a7.zip
Size

638KB
Sample

241121-ksders1elp
MD5

140fe0a1345486ca119ade4f80d46acb
SHA1

b9613192595362f433d4e8353c0917d99d87dd00
SHA256

f4d3b11ce22d094a317e26e3179efc46d9b3b916fc2a71ddacbcd3fcf4d9e1a7
SHA512

a5ca13802b3fc94c3a997624dfa0f18613b5f4bfd01142d753fa75f598623ccdbe766a1c51ca8b733d13534860460520de3696c4cf85f5ffc49b90bc1f486f0c
SSDEEP

12288:vjp7DCnPK7bFIc6i1LIIVf9KNzcQkhL4OB9KaThkzTJSGModQHFJ+M0:vjp7DCni7bG2LIfNoQ7QJhSJ3RyFJ+M0

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

MX-6240N_20241120_124324.exe

Resource

win7-20241010-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

MX-6240N_20241120_124324.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
bezelety.top
Port:
587
Username:
[email protected]
Password:
IxF(..bSed6k
Email To:
[email protected]

Targets

- Target
  
  MX-6240N_20241120_124324.exe
- Size
  
  1.2MB
- MD5
  
  6f25d9983d50a944a1821f2eb9b1eec7
- SHA1
  
  e05483b06f7bb9401c9b2b7f707d33607e7ece7e
- SHA256
  
  ca8b529cb0b693f6ff0dfe104fd063c4c161c572980dacd2d6d714a84dcfb03e
- SHA512
  
  a3530347da2c3990e604644b4ad8a732f7dda9bda99c95f2d0ec00d2c1a5d9122d972efa2ba7e731e740f76173a561a1c47349ce7bedf9ae7b50b777cb14ed66
- SSDEEP
  
  24576:otb20pkaCqT5TBWgNQ7asjTZxNSz33CF6A:xVg5tQ7asjTZx8W5
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy