agenttesla | 61d174848fcdab757bf469b021c329b9b698c1f3c621d3387ff515c360476cb0 | Triage

Submit
Reports

Overview

overview

Static

static

w5FqUzyDmszpdwX.exe

windows7_x64

w5FqUzyDmszpdwX.exe

windows10_x64

Sharing

General

Target

w5FqUzyDmszpdwX.exe
Size

906KB
Sample

210511-62mgh9kf9j
MD5

9a67f0453cb0442cc374d0e95a7d20a0
SHA1

0e49ab04d2aed969f87e9de86a1eb6f0e3fb67b4
SHA256

61d174848fcdab757bf469b021c329b9b698c1f3c621d3387ff515c360476cb0
SHA512

1ba6940677272555c0fcc44f763ed6de2db439fd405b31cafc79cc6c4cd39017fe7b8f8ad487f913b890e4e203a01ce0d12c79ba632606580369fa4c3fce3b90

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

w5FqUzyDmszpdwX.exe

Resource

win7v20210408

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

w5FqUzyDmszpdwX.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.iykmoreentrprise.org
Port:
587
Username:
office5@iykmoreentrprise.org
Password:
rwkWCM328

Targets

- Target
  
  w5FqUzyDmszpdwX.exe
- Size
  
  906KB
- MD5
  
  9a67f0453cb0442cc374d0e95a7d20a0
- SHA1
  
  0e49ab04d2aed969f87e9de86a1eb6f0e3fb67b4
- SHA256
  
  61d174848fcdab757bf469b021c329b9b698c1f3c621d3387ff515c360476cb0
- SHA512
  
  1ba6940677272555c0fcc44f763ed6de2db439fd405b31cafc79cc6c4cd39017fe7b8f8ad487f913b890e4e203a01ce0d12c79ba632606580369fa4c3fce3b90
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy