agenttesla | f9948f81eaf0e37ba783536e169286ea48bd432757642687f7038a78f6908670 | Triage

Submit
Reports

Overview

overview

Static

static

Default

windows10_x64

Sharing

General

Target

New Order.gz
Size

1.2MB
Sample

210120-k1vee61z3n
MD5

6009b12086df1d38a62b8c97bea56ec6
SHA1

6e4526d3280ed1b4d6eb20e6034bc0402ffe5ecf
SHA256

f9948f81eaf0e37ba783536e169286ea48bd432757642687f7038a78f6908670
SHA512

50c1ccfd60be19bb9ee60769ee16baea2a45ff9f7b333328121748bda91adf72370f3c5af3c8b4f3bee5ff3410a831d92ba8301aa989160bb261ed8757778993

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

New Order.exe

Resource

win10v20201028

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.airlndia.in
Port:
587
Username:
ikorigin@airlndia.in
Password:
pkqNqbW9

Targets

- Target
  
  New Order.exe
- Size
  
  2.0MB
- MD5
  
  ae9df31d5b6b69fc51fa69e44a0a545b
- SHA1
  
  0eccb9463fc3a0fe2205d207b05cfcc1714ff9f4
- SHA256
  
  2dc6c9e63ff741bc81261986114f92653d3a994d270021c67a6e1d94982b86ee
- SHA512
  
  8817c487ec74ac1fd9a3135dfd50c6bd0fca0609c308c046c8e86ca06fb442416e360c1ab292b9cf0dd13d7c6b0e741c5610a9252949cb4b3f93923ca4a083b5
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy