Statements (51)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
malware
|
| gptkbp:abilities |
take screenshots
capture keystrokes download and execute files exfiltrate clipboard data exfiltrate data via FTP exfiltrate data via HTTP exfiltrate data via SMTP harvest FTP credentials harvest VPN credentials harvest browser passwords harvest email credentials steal credentials |
| gptkbp:alias |
gptkb:AgentTesla_RAT
gptkb:Agent_Tesla_Keylogger gptkb:Agent_Tesla |
| gptkbp:category |
malware
infostealer |
| gptkbp:detects |
gptkb:security
|
| gptkbp:discoveredBy |
2014
|
| gptkbp:distributedBy |
phishing emails
malicious attachments exploit kits malspam |
| gptkbp:exfiltrationMethod |
gptkb:FTP
gptkb:HTTP SMTP |
| https://www.w3.org/2000/01/rdf-schema#label |
AgentTesla
|
| gptkbp:notable_campaign |
COVID-19 themed phishing
business email compromise |
| gptkbp:operatingSystem |
gptkb:Windows
|
| gptkbp:programmingLanguage |
gptkb:.NET
|
| gptkbp:riskFactor |
high
|
| gptkbp:sells |
underground forums
|
| gptkbp:status |
active
|
| gptkbp:target |
individuals
organizations businesses |
| gptkbp:type |
gptkb:keyboard
Trojan |
| gptkbp:usedBy |
cybercriminals
|
| gptkbp:usedFor |
espionage
data exfiltration credential theft |
| gptkbp:usesMalware |
gptkb:NanoCore
gptkb:AgentTesla_family gptkb:FormBook gptkb:HawkEye gptkb:LokiBot |
| gptkbp:bfsParent |
gptkb:APT33
|
| gptkbp:bfsLayer |
6
|