agenttesla | 023d25a8bafeb122725046d0d8f0bae8d443e2da9452b217965ab9c432be6d52 | Triage

Submit
Reports

Overview

overview

Static

static

QUOTE2021.PDF.exe

windows7_x64

QUOTE2021.PDF.exe

windows10_x64

Sharing

General

Target

QUOTE2021.PDF.exe
Size

615KB
Sample

210408-gyrghqsx2x
MD5

424233f0bd0abbf6d559c800a47b5374
SHA1

d253a17418d0a9c26fa0275378d80b0627a28888
SHA256

023d25a8bafeb122725046d0d8f0bae8d443e2da9452b217965ab9c432be6d52
SHA512

ee703ef5c2122dca7a6f390043fe18707a3def7ecb9acb10ba21e53f7cd3bc4915492384f853428c942adc992c86459069d6fb278c7423c745f4ad3c7b3cb3b2

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

QUOTE2021.PDF.exe

Resource

win7v20201028

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

QUOTE2021.PDF.exe

Resource

win10v20201028

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.vivaldi.net
Port:
587
Username:
Graceboy123@vivaldi.net
Password:
4Lmm4pew4Z3EVCn

Targets

- Target
  
  QUOTE2021.PDF.exe
- Size
  
  615KB
- MD5
  
  424233f0bd0abbf6d559c800a47b5374
- SHA1
  
  d253a17418d0a9c26fa0275378d80b0627a28888
- SHA256
  
  023d25a8bafeb122725046d0d8f0bae8d443e2da9452b217965ab9c432be6d52
- SHA512
  
  ee703ef5c2122dca7a6f390043fe18707a3def7ecb9acb10ba21e53f7cd3bc4915492384f853428c942adc992c86459069d6fb278c7423c745f4ad3c7b3cb3b2
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy