agenttesla | eaff71128153dd8aca8aee7ae6ba8fa4b9e93d4592b3093bd4e19b8eb1d0ee36 | Triage

Submit
Reports

Overview

overview

Static

static

Ref 4359-0...34.exe

windows7_x64

Ref 4359-0...34.exe

windows10_x64

Sharing

General

Target

Ref 4359-0201-106.034.zip
Size

684KB
Sample

210721-7krlvknfz2
MD5

cb77d2b48b058c56299f4ed61bb2bcd4
SHA1

f8848b76c9049861a4ebed94446d1b2dc2dc2c8b
SHA256

eaff71128153dd8aca8aee7ae6ba8fa4b9e93d4592b3093bd4e19b8eb1d0ee36
SHA512

f2e49f4c745c617f0cd79c6256aabf4d0237a516d48e63e0f4d0f4d6c618a40e2fc101940a06f75b65ddb69580a5911bd7db0627108ac193cda83aa7e2b6c2a0

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Ref 4359-0201-106.034.exe

Resource

win7v20210410

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Ref 4359-0201-106.034.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.framafilms.com
Port:
587
Username:
[email protected]
Password:
lister11

Targets

- Target
  
  Ref 4359-0201-106.034.exe
- Size
  
  1.1MB
- MD5
  
  8120bed0e0875b8318ace086962b79ba
- SHA1
  
  d50078fa3081c0b6b4ce281d3e6a90263e936dc6
- SHA256
  
  34d69bd8b5f821d7287f3e04e119b2c039721d09232ad769c5209dc2605f20b7
- SHA512
  
  cad1162dcac930c55a3dde2640d27ef6d77d0781379b43a4b77a43281036de76fccb79b27798828dd1cb3c5b3973af4500eb54d9e09fe40737bff4f7292d1cfb
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy