agenttesla

Resubmissions

01-01-2025 19:47

250101-yhhtds1kcy 10

01-01-2025 19:45

17-11-2024 16:46

17-11-2024 16:36

17-11-2024 16:34

17-11-2024 16:15

Sharing

Copy URL

Twitter E-mail

General

Target

95699b4df332139d1782520df7f136a413313d5b1dc05be131ab53acf355909a
Size

1.1MB
Sample

250101-yhhtds1kcy
MD5

5d657a482624350e8676e7f0f902d217
SHA1

0182985fa2ac0a698c2af40c87f1b6cfaceb72cf
SHA256

95699b4df332139d1782520df7f136a413313d5b1dc05be131ab53acf355909a
SHA512

93c75caa8b543877638c20a902765b7eaa4edd6b3c1fd4a89ad6db7355d7e62e2b671efc0c418ea81b777eeddce8fbbb9628116e7be42ac85e3d989a983668f8
SSDEEP

12288:ALkcoxg7v3qnC11ErwIhh0F4qwUgUny5QbF4vBUJ2pzfXw7CSMoDrdwhBDH5wJcF:WfmMv6Ckr7Mny5QbFilfroDZCDH5wJcF

Score

10^/10

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  95699b4df332139d1782520df7f136a413313d5b1dc05be131ab53acf355909a
- Size
  
  1.1MB
- MD5
  
  5d657a482624350e8676e7f0f902d217
- SHA1
  
  0182985fa2ac0a698c2af40c87f1b6cfaceb72cf
- SHA256
  
  95699b4df332139d1782520df7f136a413313d5b1dc05be131ab53acf355909a
- SHA512
  
  93c75caa8b543877638c20a902765b7eaa4edd6b3c1fd4a89ad6db7355d7e62e2b671efc0c418ea81b777eeddce8fbbb9628116e7be42ac85e3d989a983668f8
- SSDEEP
  
  12288:ALkcoxg7v3qnC11ErwIhh0F4qwUgUny5QbF4vBUJ2pzfXw7CSMoDrdwhBDH5wJcF:WfmMv6Ckr7Mny5QbFilfroDZCDH5wJcF
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Agenttesla family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2