agenttesla | 32b40946b375a87fbcffd5dd1c8da2b375b2f976fca535e06cb36c9d8f40e866 | Triage

Submit
Reports

Overview

overview

Static

static

Request Sa...ts.exe

windows7_x64

Request Sa...ts.exe

windows10_x64

Sharing

General

Target

Request Sample products.exe
Size

897KB
Sample

210511-dtr7wrppde
MD5

f64f75a76ab15e02ef0b9af4a5c829a5
SHA1

572cd977d029ce977cd2c4fade38ea882c64e57a
SHA256

32b40946b375a87fbcffd5dd1c8da2b375b2f976fca535e06cb36c9d8f40e866
SHA512

0f0c655d08a1f2cf54bf7fd5129acfd67b483454f2e6f9effce462313ed7c76fde0890b418675f01a8174a9d6b2ff9525cad19fddd0965c1b30f799a8e30bdee

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Request Sample products.exe

Resource

win7v20210408

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Request Sample products.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.globaloffs-site.com
Port:
587
Username:
info@globaloffs-site.com
Password:
ZjWYHma3

Targets

- Target
  
  Request Sample products.exe
- Size
  
  897KB
- MD5
  
  f64f75a76ab15e02ef0b9af4a5c829a5
- SHA1
  
  572cd977d029ce977cd2c4fade38ea882c64e57a
- SHA256
  
  32b40946b375a87fbcffd5dd1c8da2b375b2f976fca535e06cb36c9d8f40e866
- SHA512
  
  0f0c655d08a1f2cf54bf7fd5129acfd67b483454f2e6f9effce462313ed7c76fde0890b418675f01a8174a9d6b2ff9525cad19fddd0965c1b30f799a8e30bdee
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy