agenttesla | 7cb6a74c533cc897d3f3832ce193fc6b1100c2df08855ce65edb60c6a83b4d62 | Triage

Submit
Reports

Overview

overview

Static

static

5

pmm.exe

windows7-x64

pmm.exe

windows10-2004-x64

Sharing

General

Target

novembershippingdetails.pdf.rar
Size

563KB
Sample

241121-pftnfawphk
MD5

aa7845fe5861f347173a2057cd9df26b
SHA1

bc237a9588dab25ed2aac0952d3b7eb2d22f101c
SHA256

7cb6a74c533cc897d3f3832ce193fc6b1100c2df08855ce65edb60c6a83b4d62
SHA512

048a3ac1e4d07c36ea7f912f9284bc8c8de002c2ca3a6500f4d690305148ac5b4726836aa1d5bc8c43e95ff19c4d21001b441a5ffe517063f32d647ad6481f89
SSDEEP

12288:J/r1an4qTljAhIrQ4QZQ/ffEodqg9G4VO6+hDm3ZexNY/LGg3Ij3qX6io7vIZa:9hkTljDr0sfESG6OH/xOSr3bD

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

pmm.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

pmm.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  pmm.exe
- Size
  
  1.1MB
- MD5
  
  19c4258489c94b50d7f6041e2ca575f1
- SHA1
  
  712c83d1cf46aeae6ffba68fe0bc1ec373532f2f
- SHA256
  
  f482d607663a330b6a2393c8c9850bba8eddc53a4f80012c17dfcc416df05880
- SHA512
  
  b5107250620af675bb73c64f94790b5312dc0ce77007eac915017b5675d515d97238b1a9b5984e134b84bc00be0805778e72b255f60fab5ed15dcc146b023b87
- SSDEEP
  
  24576:0tb20pkaCqT5TBWgNQ7aiyEnGlxD0S3XEF6A:dVg5tQ7aiyEaDo5
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy