agenttesla | 20359c84189b6e46bea8c9ae514d2d7cc315341f1ebb93d7d6a9859fc54b92ee | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...15.exe

windows7_x64

SecuriteIn...15.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.W32.MSIL_Kryptik.DZG.genEldorado.27752.15715
Size

713KB
Sample

210421-hsly63a5xs
MD5

e646af1a498ede2a8df840e4ca290e59
SHA1

13a7b8016800ba9694f0589721bd34ab72dfb0a9
SHA256

20359c84189b6e46bea8c9ae514d2d7cc315341f1ebb93d7d6a9859fc54b92ee
SHA512

739ed8423188fcfe71903d35ed5cab29bf90a9af1bc1e4b22ae9b385219949176280f3017f9dff112589615f8616603a45ae9beed9d070b3191c45d0ad938061

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.W32.MSIL_Kryptik.DZG.genEldorado.27752.15715.exe

Resource

win7v20210410

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.W32.MSIL_Kryptik.DZG.genEldorado.27752.15715.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.mail.ru
Port:
587
Username:
barrado@inbox.ru
Password:
z6~Rhjss*B0}

Targets

- Target
  
  SecuriteInfo.com.W32.MSIL_Kryptik.DZG.genEldorado.27752.15715
- Size
  
  713KB
- MD5
  
  e646af1a498ede2a8df840e4ca290e59
- SHA1
  
  13a7b8016800ba9694f0589721bd34ab72dfb0a9
- SHA256
  
  20359c84189b6e46bea8c9ae514d2d7cc315341f1ebb93d7d6a9859fc54b92ee
- SHA512
  
  739ed8423188fcfe71903d35ed5cab29bf90a9af1bc1e4b22ae9b385219949176280f3017f9dff112589615f8616603a45ae9beed9d070b3191c45d0ad938061
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy