agenttesla | 34444d4292fb1f61fad6019625d22b9b88868e8af67aa0a84f1319ce8d571f01 | Triage

Sharing

General

Target

rSGJ780097-JWVY8560I-HHWQEUUIT6F6.bat.exe
Size

998KB
Sample

250127-2fcq5sxpc1
MD5

38738d1bcce9a92053d0b2ff204da017
SHA1

5d3e8a4d369e1528ca1d25146199444f5a77cd5f
SHA256

34444d4292fb1f61fad6019625d22b9b88868e8af67aa0a84f1319ce8d571f01
SHA512

707fb504942509851ab9f3c801f0e748946f66abaab911d4e1bdc2b896ff71c22e925435e89bde94a20d2e717216fd83af4e9f95b79987e1aa6396ad1d2a9648
SSDEEP

12288:md0N6S1c2fTZUkwu0KgZVVaQlc+LrQ62iZL9FE0JidOv8rSsNSUr3CaNxP88DO8v:E00SXfOKGHc+LU622Ji4v8rkUr3CaP

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
cp8nl.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
@qwerty90123
Email To:
[email protected]

Targets

- Target
  
  rSGJ780097-JWVY8560I-HHWQEUUIT6F6.bat.exe
- Size
  
  998KB
- MD5
  
  38738d1bcce9a92053d0b2ff204da017
- SHA1
  
  5d3e8a4d369e1528ca1d25146199444f5a77cd5f
- SHA256
  
  34444d4292fb1f61fad6019625d22b9b88868e8af67aa0a84f1319ce8d571f01
- SHA512
  
  707fb504942509851ab9f3c801f0e748946f66abaab911d4e1bdc2b896ff71c22e925435e89bde94a20d2e717216fd83af4e9f95b79987e1aa6396ad1d2a9648
- SSDEEP
  
  12288:md0N6S1c2fTZUkwu0KgZVVaQlc+LrQ62iZL9FE0JidOv8rSsNSUr3CaNxP88DO8v:E00SXfOKGHc+LU622Ji4v8rkUr3CaP
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan