agenttesla | bca37ddb3330991ff40fdc9462eebaf28b8cca2ee0a3c89b4102517c77d2dae8 | Triage

Submit
Reports

Overview

overview

Static

static

PURCHASE ORDER.exe

windows7_x64

PURCHASE ORDER.exe

windows10_x64

Sharing

General

Target

PURCHASE ORDER.exe
Size

1.4MB
Sample

200624-27s75nya9x
MD5

f315ec23b5a581845fea692174b46232
SHA1

bf9b4f795cdca74ec362017a5fe553e9997ee3f8
SHA256

bca37ddb3330991ff40fdc9462eebaf28b8cca2ee0a3c89b4102517c77d2dae8
SHA512

a5dbec7eb97491162cff8a7aa27f039023700e0298a87fde32e6e71421006ffd010e979e10b0cec8b089dc3add8e7080c8dea5a93424a47d2cbc29790859391e

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

PURCHASE ORDER.exe

Resource

win7

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PURCHASE ORDER.exe

Resource

win10v200430

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
dave.tecoman@yandex.com
Password:
General101

Targets

- Target
  
  PURCHASE ORDER.exe
- Size
  
  1.4MB
- MD5
  
  f315ec23b5a581845fea692174b46232
- SHA1
  
  bf9b4f795cdca74ec362017a5fe553e9997ee3f8
- SHA256
  
  bca37ddb3330991ff40fdc9462eebaf28b8cca2ee0a3c89b4102517c77d2dae8
- SHA512
  
  a5dbec7eb97491162cff8a7aa27f039023700e0298a87fde32e6e71421006ffd010e979e10b0cec8b089dc3add8e7080c8dea5a93424a47d2cbc29790859391e
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy