agenttesla | b274e5bdb1d3f6b09fc4b493ad952f19842c251fe6d6a145df1b722ec1a3be7f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

Product Sp...df.scr

windows7_x64

Product Sp...df.scr

windows10_x64

3

Sharing

General

Target

Product Specification And RFQ#78900YG07_pdf.scr
Size

513KB
Sample

200710-274sttaa56
MD5

0fec2cd1a8286b98d2f134d786123584
SHA1

bc22c817eddc7f3af9f1165f7e39c41fe1ce1b81
SHA256

b274e5bdb1d3f6b09fc4b493ad952f19842c251fe6d6a145df1b722ec1a3be7f
SHA512

cd2673969d9cd0ae4cc0593da9da5ab52e323df450b6bfc766931472c22bdce61de7713058fd15370174c5881c5244431197a1270c75bf490bb643bbe3dff57c

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Product Specification And RFQ#78900YG07_pdf.scr

Resource

win7

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Product Specification And RFQ#78900YG07_pdf.scr

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Product Specification And RFQ#78900YG07_pdf.scr
- Size
  
  513KB
- MD5
  
  0fec2cd1a8286b98d2f134d786123584
- SHA1
  
  bc22c817eddc7f3af9f1165f7e39c41fe1ce1b81
- SHA256
  
  b274e5bdb1d3f6b09fc4b493ad952f19842c251fe6d6a145df1b722ec1a3be7f
- SHA512
  
  cd2673969d9cd0ae4cc0593da9da5ab52e323df450b6bfc766931472c22bdce61de7713058fd15370174c5881c5244431197a1270c75bf490bb643bbe3dff57c
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

© 2018-2025

Terms | Privacy