agenttesla | 26799266072f7aeaf11cfe54773cd3f387dd383bb8900cf1708a8db00740d101 | Triage

Submit
Reports

Overview

overview

Static

static

QUOTE B102...df.exe

windows7_x64

QUOTE B102...df.exe

windows10_x64

Sharing

General

Target

QUOTE B1020363.pdf.exe
Size

735KB
Sample

210511-56e4zrkk8s
MD5

8c817545d7ba60333a000ba5ce565776
SHA1

e2c55dc26dde7b0e07b950d9753ccee89d0216f0
SHA256

26799266072f7aeaf11cfe54773cd3f387dd383bb8900cf1708a8db00740d101
SHA512

2beec0619d4834e696f6c30513a9007e2e0c822c0290221de050b422abdd5e99025561ada8508e085d6415479a35eaef47f7040c3b5b1bffb464f0e95316d241

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

QUOTE B1020363.pdf.exe

Resource

win7v20210410

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

QUOTE B1020363.pdf.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.vivaldi.net
Port:
587
Username:
Graceboy123@vivaldi.net
Password:
4Lmm4pew4Z3EVCn

Targets

- Target
  
  QUOTE B1020363.pdf.exe
- Size
  
  735KB
- MD5
  
  8c817545d7ba60333a000ba5ce565776
- SHA1
  
  e2c55dc26dde7b0e07b950d9753ccee89d0216f0
- SHA256
  
  26799266072f7aeaf11cfe54773cd3f387dd383bb8900cf1708a8db00740d101
- SHA512
  
  2beec0619d4834e696f6c30513a9007e2e0c822c0290221de050b422abdd5e99025561ada8508e085d6415479a35eaef47f7040c3b5b1bffb464f0e95316d241
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy