agenttesla | c97b8314f3d0b5396a70df9e3458be2f69d2d7891a86e02fa9b112dd0a6957ae | Triage

Submit
Reports

Overview

overview

Static

static

ApuE9QrdQxe7Um6.exe

windows7_x64

ApuE9QrdQxe7Um6.exe

windows10_x64

Sharing

General

Target

ApuE9QrdQxe7Um6.exe
Size

525KB
Sample

210408-w89garr9g6
MD5

1576d49b794d95e60b27d069d144926a
SHA1

8d56db68f570834b345a9f8749acb8b67f738409
SHA256

c97b8314f3d0b5396a70df9e3458be2f69d2d7891a86e02fa9b112dd0a6957ae
SHA512

4a1f356958fa2253a9dbe8c2225368e67fb5f83f1f3ce0756041a7a7cf88600faf87cd11c7778778a9c697e3a246a31a8d2b37cd596e812ba9162783e63bde86

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

ApuE9QrdQxe7Um6.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ApuE9QrdQxe7Um6.exe

Resource

win10v20201028

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.iykmoreentrprise.org
Port:
587
Username:
office4@iykmoreentrprise.org
Password:
rwkWCM328

Targets

- Target
  
  ApuE9QrdQxe7Um6.exe
- Size
  
  525KB
- MD5
  
  1576d49b794d95e60b27d069d144926a
- SHA1
  
  8d56db68f570834b345a9f8749acb8b67f738409
- SHA256
  
  c97b8314f3d0b5396a70df9e3458be2f69d2d7891a86e02fa9b112dd0a6957ae
- SHA512
  
  4a1f356958fa2253a9dbe8c2225368e67fb5f83f1f3ce0756041a7a7cf88600faf87cd11c7778778a9c697e3a246a31a8d2b37cd596e812ba9162783e63bde86
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy