agenttesla | 8220b87a1a085410e1cda2ec765cf0c18ce8501e326513bb235d4dc7f4d3a1cc | Triage

Submit
Reports

Overview

overview

Static

static

5

8220b87a1a...cc.exe

windows7-x64

8220b87a1a...cc.exe

windows10-2004-x64

Sharing

General

Target

8220b87a1a085410e1cda2ec765cf0c18ce8501e326513bb235d4dc7f4d3a1cc
Size

1.1MB
Sample

241122-bh7q7axlbk
MD5

acaa9b42c998342d8dfdefde3ca31f1d
SHA1

40be580cbd0f54c6a2f7ee77b971e27fa582c90e
SHA256

8220b87a1a085410e1cda2ec765cf0c18ce8501e326513bb235d4dc7f4d3a1cc
SHA512

86995aee84b317bf68f2d8c212abd79b4f6636fefb2fa26bd80def67f40be4acb4f7d7b866ad2c5b2350aafa5ccd0038578b491b135a49a382805097a59efbe9
SSDEEP

24576:ffmMv6Ckr7Mny5QLeVY++JIXKFpceG7IJhK:f3v+7/5QLeVY+mIkpce3E

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

8220b87a1a085410e1cda2ec765cf0c18ce8501e326513bb235d4dc7f4d3a1cc.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

8220b87a1a085410e1cda2ec765cf0c18ce8501e326513bb235d4dc7f4d3a1cc.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
srv.masternic.net
Port:
587
Username:
[email protected]
Password:
-H{2Szxi!%qb
Email To:
[email protected]

Targets

- Target
  
  8220b87a1a085410e1cda2ec765cf0c18ce8501e326513bb235d4dc7f4d3a1cc
- Size
  
  1.1MB
- MD5
  
  acaa9b42c998342d8dfdefde3ca31f1d
- SHA1
  
  40be580cbd0f54c6a2f7ee77b971e27fa582c90e
- SHA256
  
  8220b87a1a085410e1cda2ec765cf0c18ce8501e326513bb235d4dc7f4d3a1cc
- SHA512
  
  86995aee84b317bf68f2d8c212abd79b4f6636fefb2fa26bd80def67f40be4acb4f7d7b866ad2c5b2350aafa5ccd0038578b491b135a49a382805097a59efbe9
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLeVY++JIXKFpceG7IJhK:f3v+7/5QLeVY+mIkpce3E
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy