agenttesla | e341509e17c5b93c792305dfa2183d27d12b5806b3fdf313aa128f3930b16772 | Triage

Submit
Reports

Overview

overview

Static

static

e341509e17...72.exe

windows7_x64

e341509e17...72.exe

windows10-2004_x64

Sharing

General

Target

e341509e17c5b93c792305dfa2183d27d12b5806b3fdf313aa128f3930b16772
Size

982KB
Sample

220414-pq159sbgg6
MD5

4085a12eba2a7d21a84aa1203d8f4a78
SHA1

6b58a2c4bec97a991944f66bfded8e251d2f3e3a
SHA256

e341509e17c5b93c792305dfa2183d27d12b5806b3fdf313aa128f3930b16772
SHA512

443eb3d206f31578bd0c2dfec4a4aec1be11e784f604426e56cff19023f06b8d67f4cde5d709541eec396f35a7dcbb97a23ebfc60681690daa94a71d9617067a

Score

10^/10

agenttesla metastealer keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

e341509e17c5b93c792305dfa2183d27d12b5806b3fdf313aa128f3930b16772.exe

Resource

win7-20220310-en

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e341509e17c5b93c792305dfa2183d27d12b5806b3fdf313aa128f3930b16772.exe

Resource

win10v2004-20220331-en

agenttesla metastealer keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.cofurtos.com
Port:
587
Username:
[email protected]
Password:
(YLIFfRrb4

Targets

- Target
  
  e341509e17c5b93c792305dfa2183d27d12b5806b3fdf313aa128f3930b16772
- Size
  
  982KB
- MD5
  
  4085a12eba2a7d21a84aa1203d8f4a78
- SHA1
  
  6b58a2c4bec97a991944f66bfded8e251d2f3e3a
- SHA256
  
  e341509e17c5b93c792305dfa2183d27d12b5806b3fdf313aa128f3930b16772
- SHA512
  
  443eb3d206f31578bd0c2dfec4a4aec1be11e784f604426e56cff19023f06b8d67f4cde5d709541eec396f35a7dcbb97a23ebfc60681690daa94a71d9617067a
Score

10^/10

agenttesla keylogger spyware stealer trojan metastealer
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Meta Stealer Stealer
  Meta Stealer steals passwords stored in browsers, written in C++.
  stealer metastealer
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslametastealerkeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy