agenttesla | a071b2fe3a0f6a0298f93fd317b156a2a849163dcd899d074454ff8c1c64f215 | Triage

Submit
Reports

Overview

overview

Static

static

5

Rechnung.exe

windows7-x64

Rechnung.exe

windows10-2004-x64

Sharing

General

Target

01072024_1104_01072024_Rechnung.rar
Size

697KB
Sample

240701-m6j6ksxgrd
MD5

c454720b18c5b2e38a53d496dcee2f95
SHA1

e432e35b4f102f665695361a9e82cd6a8eb7eadc
SHA256

a071b2fe3a0f6a0298f93fd317b156a2a849163dcd899d074454ff8c1c64f215
SHA512

769d4c14abb2d6528148cbc65d187fea9820467baa90ff1cb8b8e84a0a18a104f33e035bcf9076ebddfa2914b04292461fbb03166b4e9e402b0f2de75a7e62d6
SSDEEP

12288:Zeo/x/hOyH6Me6H29GxNlObcbJXr8TzWKaPdnGuwtARnigBHJF2dJJqy:Zh/qrn6H2cLlwctuzWKudwtAJigBH72D

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Rechnung.exe

Resource

win7-20231129-en

agenttesla keylogger spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Rechnung.exe

Resource

win10v2004-20240508-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  Rechnung.exe
- Size
  
  1.2MB
- MD5
  
  68d578e65d29914850f73fd7b74b6eb9
- SHA1
  
  e3acde3f3f4c54a92c5ac26c5a2c821fee8c9afa
- SHA256
  
  a6626f2d5d6338a226e5a11da7aa5a67035f8783f54aa1b8b72adf8d7d1a06c2
- SHA512
  
  a774a305e72c25df6787026fa4c899190375fc07623f5fbc900dc24719f10962904b969cfea4482f19019e6ebfba0bb4b6df9db2e55fcc1caa14d57b64271a6c
- SSDEEP
  
  24576:WAHnh+eWsN3skA4RV1Hom2KXMmHa4AvYH17u/Y0i5:xh+ZkldoPK8Ya4Av6KYN
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy