agenttesla | f2a3c147eb3cb69591f0291b5a1d324a288f86773890fd77b24f255d13feb7bc | Triage

Submit
Reports

Overview

overview

Static

static

0000000654.pdf.exe

windows7_x64

0000000654.pdf.exe

windows10_x64

Sharing

General

Target

0000000654.pdf.exe
Size

919KB
Sample

210511-bckqahxf3s
MD5

349f507794afb6e5c6c5a1abeeaae124
SHA1

665a2e9b4695df7246dc17cc5add3a173fd42c16
SHA256

f2a3c147eb3cb69591f0291b5a1d324a288f86773890fd77b24f255d13feb7bc
SHA512

5e7df9509825e59ee04072365a441a3f7e01fa6cafdecfbd2a6f746363a8d3a3c4d7712f9be1300691d96dac2e0697a14c9b61fcfa8c55c2c552f6d9c202b9c6

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

0000000654.pdf.exe

Resource

win7v20210408

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0000000654.pdf.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.cordial-rothfusz.com
Port:
587
Username:
miguelangeltec@cordial-rothfusz.com
Password:
5212681fF

Targets

- Target
  
  0000000654.pdf.exe
- Size
  
  919KB
- MD5
  
  349f507794afb6e5c6c5a1abeeaae124
- SHA1
  
  665a2e9b4695df7246dc17cc5add3a173fd42c16
- SHA256
  
  f2a3c147eb3cb69591f0291b5a1d324a288f86773890fd77b24f255d13feb7bc
- SHA512
  
  5e7df9509825e59ee04072365a441a3f7e01fa6cafdecfbd2a6f746363a8d3a3c4d7712f9be1300691d96dac2e0697a14c9b61fcfa8c55c2c552f6d9c202b9c6
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy