agenttesla | f076d51c4fa09d0e318d43f41560fa50b8c4a4f327effa8aeafedf947800e4d8 | Triage

Submit
Reports

Overview

overview

Static

static

yl9KgwwOXDZoGMw.exe

windows7_x64

yl9KgwwOXDZoGMw.exe

windows10_x64

Sharing

General

Target

yl9KgwwOXDZoGMw.exe
Size

906KB
Sample

210511-ezxa8aazd6
MD5

798cb8a4ceae24a7a2fd213deb85a107
SHA1

3d7ec487833c318b475818cf771c2af165b6d82b
SHA256

f076d51c4fa09d0e318d43f41560fa50b8c4a4f327effa8aeafedf947800e4d8
SHA512

22dab34cf8ff46cc419705e4ab50929eeca9b20361f8716fea5d578c0e0a1e27e6a0d7c27a15a62d9923ca534b2e72c5aab49d66fd3f4e46d57cb3d6e5ca4532

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

yl9KgwwOXDZoGMw.exe

Resource

win7v20210410

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

yl9KgwwOXDZoGMw.exe

Resource

win10v20210408

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.privateemail.com
Port:
587
Username:
ken@kengrouco.xyz
Password:
Everest10

Targets

- Target
  
  yl9KgwwOXDZoGMw.exe
- Size
  
  906KB
- MD5
  
  798cb8a4ceae24a7a2fd213deb85a107
- SHA1
  
  3d7ec487833c318b475818cf771c2af165b6d82b
- SHA256
  
  f076d51c4fa09d0e318d43f41560fa50b8c4a4f327effa8aeafedf947800e4d8
- SHA512
  
  22dab34cf8ff46cc419705e4ab50929eeca9b20361f8716fea5d578c0e0a1e27e6a0d7c27a15a62d9923ca534b2e72c5aab49d66fd3f4e46d57cb3d6e5ca4532
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy