agenttesla | 0b98910cd666d6c596b28611acb69f06ba1fee9bcc8af37103772ee1db7dd167 | Triage

Submit
Reports

Overview

overview

Static

static

GSO-1367-2...17.exe

windows7_x64

GSO-1367-2...17.exe

windows10-2004_x64

Sharing

General

Target

0b98910cd666d6c596b28611acb69f06ba1fee9bcc8af37103772ee1db7dd167
Size

417KB
Sample

220521-bcdk6abfg2
MD5

ceb804a39d1a275f7799282441068991
SHA1

b1ea418b0444c4b3b78a249527bf2d7abca850cc
SHA256

0b98910cd666d6c596b28611acb69f06ba1fee9bcc8af37103772ee1db7dd167
SHA512

2e713aee3e9937ad37016d58253045c91c6c5259bb80d524b7580ca4ce4f5fa4516c668836b0366d9271daeaa2a5a4796b3a442ef0f3eeb710a9d157d4e1b1ad

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

GSO-1367-27072020112017.exe

Resource

win7-20220414-en

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

GSO-1367-27072020112017.exe

Resource

win10v2004-20220414-en

agenttesla keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
[email protected]
Password:
%kHFH^!4

Targets

- Target
  
  GSO-1367-27072020112017.exe
- Size
  
  611KB
- MD5
  
  2d04103bda6d755fd47c94d6773574c1
- SHA1
  
  41cc7cde2fff3f79a7124545e5a449bd42db4e14
- SHA256
  
  8f93c794e02fbd006a5a7d2f929042819d7d5666ccb976ff248eef4dc6d2591e
- SHA512
  
  feb803979827b575b40b73710164cb2be368cf5800e253b1260f1afbf0eaf21b6dcb95456b1857ef7d4101dd6917a43362427bfe43765b242659958048c10e8d
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy