agenttesla | 2f639103b3a2a16f0eacad22c7df0a037c3a45d74cfe09ce96f86e13fe74a1b8 | Triage

Submit
Reports

Overview

overview

Static

static

P44898408970-1.exe

windows7_x64

P44898408970-1.exe

windows10_x64

Sharing

General

Target

P44898408970-1.exe
Size

894KB
Sample

210722-6n31yfh9ax
MD5

fb06ed245f080393bbfe1ae577053085
SHA1

a003c960669f5a64ae182dcfc9d7185750a84f0d
SHA256

2f639103b3a2a16f0eacad22c7df0a037c3a45d74cfe09ce96f86e13fe74a1b8
SHA512

cf75bb4fe26c743c3e448700a7baccb233f82113562afd46836beebe0593a21adc34d15de9dfa7918a034b6b75a8e2a4c989391c1b3dcf08a17dc8b0983932e3

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

P44898408970-1.exe

Resource

win7v20210408

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

P44898408970-1.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.framafilms.com
Port:
587
Username:
framafilmsint@framafilms.com
Password:
lister11

Targets

- Target
  
  P44898408970-1.exe
- Size
  
  894KB
- MD5
  
  fb06ed245f080393bbfe1ae577053085
- SHA1
  
  a003c960669f5a64ae182dcfc9d7185750a84f0d
- SHA256
  
  2f639103b3a2a16f0eacad22c7df0a037c3a45d74cfe09ce96f86e13fe74a1b8
- SHA512
  
  cf75bb4fe26c743c3e448700a7baccb233f82113562afd46836beebe0593a21adc34d15de9dfa7918a034b6b75a8e2a4c989391c1b3dcf08a17dc8b0983932e3
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy