agenttesla | 2c0e84875dd9890e215197a4d3d51cfafaeb40c0a41b29781b228e03de2aba35 | Triage

Submit
Reports

Overview

overview

Static

static

Advice.exe

windows7-x64

Advice.exe

windows10-2004-x64

Sharing

General

Target

2C0E84875DD9890E215197A4D3D51CFAFAEB40C0A41B29781B228E03DE2ABA35
Size

535KB
Sample

221123-r2w2ssab97
MD5

89f215f10bc2af3010874413c6713d3c
SHA1

985b7601f88c541eebff873df98dec93356fa317
SHA256

2c0e84875dd9890e215197a4d3d51cfafaeb40c0a41b29781b228e03de2aba35
SHA512

f23db15d589cc29e24cc87e72f8e3f00bf427a583e718983f53799cbc3ad756e557786c18b50c0225868406f4e00f0a0f7c9e383d50f648f58eef607db0ea196
SSDEEP

12288:17zVIcViJ+HN3/jdCDUvLAwmEVxXwHeBSku4Y6cwKUIckk:17zVIKf5zLABEVxUiu8Ek

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Advice.exe

Resource

win7-20220812-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Advice.exe

Resource

win10v2004-20220812-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot1900392974:AAEB_yGGlWksNcNC4Dg08OgUSlmDON2w098/sendDocument

Targets

- Target
  
  Advice.exe
- Size
  
  753KB
- MD5
  
  751532ac5635d8c77a474df541c780d9
- SHA1
  
  d7a962a32cafae1e791d2f896d0c9bb6ae0384d0
- SHA256
  
  ef176faa1d186e67f9ab559b32c35dcfe874bef49156ebcd414d5c032ec2f55a
- SHA512
  
  4a32296e5b02d8a6cf5c839ec0425231bde4d4d51dc92030c4fd658c6da11cc49521523a9547e40d658146b0a703ac04d12d2df2f78f25c2863d28a7a8fcb474
- SSDEEP
  
  12288:939riVwf3iJ+HN3TFfIKXKH0oKnkishvwWqWogZWhwOANLw/y/9Zu/E9jtgmdbtb:9Nriy/fTFfyRIA2R59Ntjk
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy