agenttesla | 5d132e1c970e448e1e65657a7990e0c894f79ec3588ea32b0e110fb01685b4bc | Triage

Submit
Reports

Overview

overview

Static

static

PAGO FACTURA 3802.exe

windows7_x64

PAGO FACTURA 3802.exe

windows10_x64

Sharing

General

Target

PAGO FACTURA 3802.exe
Size

1.0MB
Sample

210727-2y4sv2hr7e
MD5

c2a78d097da563f35e0626d697535dae
SHA1

e2b40d9bd7e37cad70a6a6f1fef3ff9d1545f833
SHA256

5d132e1c970e448e1e65657a7990e0c894f79ec3588ea32b0e110fb01685b4bc
SHA512

aadb41c7ef1ae862a6855af9b4159536f3b965fc415aaf178f23c06c36418ab8508fbffc69669730cbe06b16fa9bc837b1ec0dbeead91a0df6d283023696461a

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

PAGO FACTURA 3802.exe

Resource

win7v20210410

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PAGO FACTURA 3802.exe

Resource

win10v20210408

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.belpac.org
Port:
587
Username:
log1@belpac.org
Password:
TfJfVT^8

Targets

- Target
  
  PAGO FACTURA 3802.exe
- Size
  
  1.0MB
- MD5
  
  c2a78d097da563f35e0626d697535dae
- SHA1
  
  e2b40d9bd7e37cad70a6a6f1fef3ff9d1545f833
- SHA256
  
  5d132e1c970e448e1e65657a7990e0c894f79ec3588ea32b0e110fb01685b4bc
- SHA512
  
  aadb41c7ef1ae862a6855af9b4159536f3b965fc415aaf178f23c06c36418ab8508fbffc69669730cbe06b16fa9bc837b1ec0dbeead91a0df6d283023696461a
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy