agenttesla | 6e9ef93b4bb2c7ea78dbba96cb34e747294454c2d142276329951e580044ddd3 | Triage

Submit
Reports

Overview

overview

Static

static

RFQ SC0054852_PDF.exe

windows7_x64

RFQ SC0054852_PDF.exe

windows10_x64

3

Sharing

General

Target

RFQ SC0054852_PDF.exe
Size

403KB
Sample

200713-4mm1st5ste
MD5

41b5f25fa55f9dc4d320a3c66754ec05
SHA1

cdcde4167731c38a8bee5aa752e9c03705c69421
SHA256

6e9ef93b4bb2c7ea78dbba96cb34e747294454c2d142276329951e580044ddd3
SHA512

95dcf28bd6621d8d2e098df713d8e99c58e297a5797a94975a7ac61c780f0212092105fac5d0fddcb389e66b3a80d447f66cc58d5a7a6d3d4adef96a3b761a2f

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

RFQ SC0054852_PDF.exe

Resource

win7v200430

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQ SC0054852_PDF.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.urban.co.th
Port:
587
Username:
[email protected]
Password:
Urban@1143

Targets

- Target
  
  RFQ SC0054852_PDF.exe
- Size
  
  403KB
- MD5
  
  41b5f25fa55f9dc4d320a3c66754ec05
- SHA1
  
  cdcde4167731c38a8bee5aa752e9c03705c69421
- SHA256
  
  6e9ef93b4bb2c7ea78dbba96cb34e747294454c2d142276329951e580044ddd3
- SHA512
  
  95dcf28bd6621d8d2e098df713d8e99c58e297a5797a94975a7ac61c780f0212092105fac5d0fddcb389e66b3a80d447f66cc58d5a7a6d3d4adef96a3b761a2f
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

© 2018-2024

Terms | Privacy