Agent Tesla Keylogger delivered using cybersquatting | Zscaler
Tags
attack-pattern: Data Control Panel - T1218.002 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Msbuild - T1127.001 Server - T1583.004 Server - T1584.004 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID dacd7db3-0482-4a0c-be1a-22b8f55ef003
Fingerprint 88100843a964a311
Analysis status DONE
Considered CTI value 0
Text language
Published Aug. 25, 2016, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Agent Tesla Keylogger delivered using cybersquatting
Title Agent Tesla Keylogger delivered using cybersquatting | Zscaler
Detected Hints/Tags/Attributes 35/1/10
Source URLs
Redirection Url
Details Source https://www.zscaler.com/blogs/research/agent-tesla-keylogger-delivered-using-cybersquatting
URL Provider
Details Provider Source level domain
Details zscaler.com www.zscaler.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
diodetechs.com
Details Domain 1 
diodetech.com
Details Domain 3 
agenttesla.com
Details File 4 
cc.exe
Details File 1 
%temp%\cc.exe
Details File 3 
javaupdtr.exe
Details File 149 
msbuild.exe
Details File 2 
%temp%\log.tmp
Details md5 1 
e4117e6974363cac8b37e5e3ff5d07a6
Details Windows Registry Key 7 
HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Run