agenttesla | a4f522406a7b1a0ae35eb4682549ac8f20ce1ca42f4cf11fad546df3e1d45dd2 | Triage

Submit
Reports

Overview

overview

Static

static

Xworm-V5.6...es.vbs

windows11-21h2-x64

1

Xworm-V5.6....6.exe

windows11-21h2-x64

Resubmissions

01-07-2024 05:42

240701-gd99ea1clq 10

Sharing

General

Target

Xworm-V5.6.zip
Size

23.9MB
Sample

240701-gd99ea1clq
MD5

9e350efde02b6b8e5794eb7cf1114cf8
SHA1

b4e713be664d65265de51dbaffe0a53021cf2bd9
SHA256

a4f522406a7b1a0ae35eb4682549ac8f20ce1ca42f4cf11fad546df3e1d45dd2
SHA512

ee3f673fa63cc511d3eeb035172d57c9ca76b920aa2485dc779096afd1ca46707c773d63198692c46f2031283c0b1109a25fc252d3fd7c4b092e4a305c0b695c
SSDEEP

393216:MCSSh7i+DV/GKDkibbiwCjpujDwDnpELAKOTYeZJr8EpgANC3bnUoZEoZ8c:MCSShRDBGmk8bm+DWpErOTnCEiAEA9op

Score

10^/10

agenttesla stormkitty xworm keylogger spyware stealer trojan

Static task

static1

agenttesla stormkitty xworm

8 signatures

Behavioral task

behavioral1

Sample

Xworm-V5.6/RES/XWorm.Resources.vbs

Resource

win11-20240508-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Xworm-V5.6/XWorm V5.6.exe

Resource

win11-20240508-en

agenttesla keylogger spyware stealer trojan

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  Xworm-V5.6/RES/XWorm.Resources.resources
- Size
  
  1.6MB
- MD5
  
  34986e38b463873af40f694874c1f6d3
- SHA1
  
  8fa89cdb7a394cf8093d548ca9db4652c703ee72
- SHA256
  
  557058bd29a5eb55ef073ea9c4dec0baea1fd3f3f4bf2cdd5ee3dfd33735e93a
- SHA512
  
  c1b0278e8c21e5c28204f692a5cf5ed16c8ada0c6022d7d38e70905255f3aeb5d2c0fd4549f0ed19ead52aa0ced891a8f9372123bf5e1710be004958750874e4
- SSDEEP
  
  49152:OsP2WTJcLsk9Pk6gAK6BN2NQUe+ErnuVqjNhHXH:zuWTGLP9Pk6gAK6n4ldyNh3
Score

1^/10
behavioral1
- Target
  
  Xworm-V5.6/XWorm V5.6.exe
- Size
  
  13.1MB
- MD5
  
  5db4c8e052f3454e0f6ba19ee175f578
- SHA1
  
  32a727273944af1fb07634735ba75f0a017f7d58
- SHA256
  
  7efddbf0825853ea834ce3c763fa9828aa72cb4844e8a98c4b79eb832a138a0b
- SHA512
  
  0d1aa64daf4abb3f895c79c6c4deb6ffc91321fc597a96269ff621bb29376e2fed240dabe6f925c0063acbb794a686572d199cdcf35d70704a2b6c0bb5e428c7
- SSDEEP
  
  196608:6S/BAe1d4ihvy85JhhYc3BSL1kehn4inje:6MyIhhkRka4i
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

agentteslastormkittyxworm

behavioral1

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy