General

  • Target

    cotizacin.exe

  • Size

    1.1MB

  • Sample

    250129-ptcl3syjdz

  • MD5

    74961c52806797a5988894a1caa5bf19

  • SHA1

    f17500067daa8d8a4125979dec8a6005b07a928b

  • SHA256

    41c3a4ebd8d4fea8dbf115e338f4912e051f4916694e7663471e3f894a4e18be

  • SHA512

    40ebf7c576ff2065b9f94c8866524c132ddafeda416b144a0467a5b2ce06dd82f03530be899819c06f424e63fe2613d9a3be7202e60b268850598ae35ac9a9e8

  • SSDEEP

    24576:uRmJkcoQricOIQxiZY1iaCOavymih0JSuHSFv35SnM+yXei:7JZoQrbTFZY1iaCOaLiOJSqGv35SnMN5

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.stingatoareincendii.ro
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    3.*RYhlG)lkA
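The extracted configuration is the actionable part of this report: the stealer logs in to that FTP server with those credentials to deposit harvested data, so the host and the cleartext FTP login are what a defender blocks and alerts on. The Python below is an added example written for this page, not code from the sandbox vendor. Its REPORT string is constructed from the values printed on this page (the masked username is omitted), the hash-length check guards against truncated copies of the file hashes, and the Suricata rule SIDs, classtype and $HOME_NET/$EXTERNAL_NET variables are placeholders to adjust for your own deployment.

```python
"""Structure the IOCs from this sandbox report (file hashes plus the extracted
Agent Tesla FTP configuration) and turn them into defanged blocklist entries and
Suricata rules.  Added example for this page, not vendor code.  REPORT is
constructed from the page's own values; SIDs 9000001+ are placeholders."""
import re
from urllib.parse import urlsplit

REPORT = """\
  • Target
    cotizacin.exe
  • MD5
    74961c52806797a5988894a1caa5bf19
  • SHA1
    f17500067daa8d8a4125979dec8a6005b07a928b
  • SHA256
    41c3a4ebd8d4fea8dbf115e338f4912e051f4916694e7663471e3f894a4e18be
  • Protocol:
    ftp
  • Host:
    ftp://ftp.stingatoareincendii.ro
  • Port:
    21
  • Password:
    3.*RYhlG)lkA
"""

# "• Key:" (colon optional) on one line, the value indented on the next.
FIELD_RE = re.compile(r"•\s*([A-Za-z0-9]+):?\s*\n\s*(\S[^\n]*)")

HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_fields(text):
    """Return {lowercased key: value} for every bullet/value pair in the report."""
    return {k.lower(): v.strip() for k, v in FIELD_RE.findall(text)}


def valid_hashes(fields):
    """Keep only hashes whose length and alphabet match the named algorithm.
    A truncated or mis-copied hash silently matches nothing, so check first."""
    out = {}
    for algo, length in HASH_LENGTHS.items():
        value = fields.get(algo, "").lower()
        if re.fullmatch(r"[0-9a-f]{%d}" % length, value):
            out[algo] = value
    return out


def c2_hostname(host_field):
    """The Host field carries a scheme (ftp://...); reduce it to a bare hostname."""
    if "://" not in host_field:
        host_field = "//" + host_field
    return urlsplit(host_field).hostname


def defang(hostname):
    """Defang for sharing in tickets/chat so the indicator is not clickable."""
    return hostname.replace(".", "[.]")


def escape_content(s):
    """Escape the characters Suricata treats specially inside content:"..."."""
    return re.sub(r'([\\";|])', r'\\\1', s)


def suricata_rules(fields, base_sid=9000001):
    """Rule 1 fires on the DNS lookup of the exfil host.  Rule 2 fires on the
    cleartext FTP PASS command carrying the extracted password, which is a
    high-fidelity signal for this exact configuration regardless of hostname."""
    host = c2_hostname(fields["host"])
    port = int(fields.get("port", 21))
    rules = [
        'alert dns $HOME_NET any -> any any (msg:"AgentTesla exfil host lookup %s"; '
        'dns.query; content:"%s"; nocase; endswith; classtype:trojan-activity; '
        'sid:%d; rev:1;)' % (host, escape_content(host), base_sid)
    ]
    if fields.get("protocol") == "ftp" and fields.get("password"):
        rules.append(
            'alert tcp $HOME_NET any -> $EXTERNAL_NET %d '
            '(msg:"AgentTesla FTP exfil credential in use"; flow:to_server,established; '
            'content:"PASS "; content:"%s"; distance:0; classtype:trojan-activity; '
            'sid:%d; rev:1;)' % (port, escape_content(fields["password"]), base_sid + 1)
        )
    return rules


if __name__ == "__main__":
    fields = parse_fields(REPORT)
    print("hashes:", valid_hashes(fields))
    print("block:", defang(c2_hostname(fields["host"])))
    for rule in suricata_rules(fields):
        print(rule)
```

The password rule is the more specific of the two: the same operator may rotate hostnames, but every Agent Tesla build using this account sends the identical PASS line in cleartext on port 21. Escaping matters here because the extracted password contains `)` and `*`, which Suricata accepts literally, but a `;` or `"` in another sample's password would otherwise break the rule.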

Targets

    • Target

      cotizacin.exe

    • AgentTesla

      Agent Tesla is a .NET-based information stealer and remote access tool (RAT), originally written in Visual Basic .NET. It harvests saved browser, mail and FTP client credentials, keystrokes and clipboard contents and exfiltrates them over SMTP, FTP or HTTP; this sample is configured for FTP exfiltration (see the extracted credentials above).

    • Agenttesla family

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • AutoIT Executable

      The sample is an AutoIt script compiled into a PE executable; here the AutoIt binary acts as a wrapper around the Agent Tesla payload rather than carrying the stealer logic itself.

    • Suspicious use of SetThreadContext

      SetThreadContext was called on a thread belonging to another process. Rewriting a suspended thread's context (typically the instruction pointer) is the redirection step of process hollowing and similar injection techniques; together with the AutoIt wrapper above it indicates the Agent Tesla payload is injected into another process rather than executed directly from disk.

MITRE ATT&CK Enterprise v15

Tasks