| Property | Value |
|---|---|
| gptkbp:instanceOf | gptkb:malware |
| gptkbp:abilities | take screenshots, capture keystrokes, download and execute files, exfiltrate clipboard data, exfiltrate data via FTP, exfiltrate data via HTTP, exfiltrate data via SMTP, harvest FTP credentials, harvest VPN credentials, harvest browser passwords, harvest email credentials, steal credentials |
| gptkbp:alias | gptkb:AgentTesla_RAT, gptkb:Agent_Tesla_Keylogger, gptkb:Agent_Tesla |
| gptkbp:category | gptkb:malware, infostealer |
| gptkbp:detects | gptkb:security |
| gptkbp:discoveredBy | 2014 |
| gptkbp:distributedBy | phishing emails, malicious attachments, exploit kits, malspam |
| gptkbp:exfiltrationMethod | gptkb:FTP, gptkb:HTTP, SMTP |
| gptkbp:notable_campaign | COVID-19 themed phishing, business email compromise |
| gptkbp:operatingSystem | gptkb:Windows |
| gptkbp:programmingLanguage | gptkb:.NET |
| gptkbp:riskFactor | high |
| gptkbp:sells | underground forums |
| gptkbp:status | active |
| gptkbp:target | individuals, organizations, businesses |
| gptkbp:type | gptkb:keyboard, gptkb:Trojan |
| gptkbp:usedBy | cybercriminals |
| gptkbp:usedFor | espionage, data exfiltration, credential theft |
| gptkbp:usesMalware | gptkb:NanoCore, gptkb:AgentTesla_family, gptkb:FormBook, gptkb:HawkEye, gptkb:LokiBot |
| gptkbp:bfsParent | gptkb:APT33 |
| gptkbp:bfsLayer | 6 |
| https://www.w3.org/2000/01/rdf-schema#label | AgentTesla |