agenttesla | fe9a3933128b2954090c969682e654f1349ed093f45d4bd2e8546beff5497654 | Triage

Submit
Reports

Overview

overview

Static

static

BANK DETAILS.exe

windows7_x64

BANK DETAILS.exe

windows10_x64

Sharing

General

Target

BANK DETAILS.zip
Size

506KB
Sample

210722-j31qx87eax
MD5

d96806deb211163cce64cb6d8bfe76e1
SHA1

c0d8526c8b8f50023a91eaba2e2a9d50f89ae01f
SHA256

fe9a3933128b2954090c969682e654f1349ed093f45d4bd2e8546beff5497654
SHA512

63c0152effbcf373f0824c60affc8e96fc3930a75bea5c9ce00f05225ab36d182c6b82e4100bd2ccebec8e53f0586b3f8a25796e1bda7e162e2cf1ad7d7dfe6d

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

BANK DETAILS.exe

Resource

win7v20210408

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

BANK DETAILS.exe

Resource

win10v20210408

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.framafilms.com
Port:
587
Username:
framafilmsint@framafilms.com
Password:
lister11

Targets

- Target
  
  BANK DETAILS.exe
- Size
  
  894KB
- MD5
  
  fb06ed245f080393bbfe1ae577053085
- SHA1
  
  a003c960669f5a64ae182dcfc9d7185750a84f0d
- SHA256
  
  2f639103b3a2a16f0eacad22c7df0a037c3a45d74cfe09ce96f86e13fe74a1b8
- SHA512
  
  cf75bb4fe26c743c3e448700a7baccb233f82113562afd46836beebe0593a21adc34d15de9dfa7918a034b6b75a8e2a4c989391c1b3dcf08a17dc8b0983932e3
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy