agenttesla | 9bf192a23eeb844b6e8b01c41d085d1c2bfb576653732d99d7468571f1a28fb5 | Triage

Submit
Reports

Overview

overview

Static

static

po.exe

windows7-x64

po.exe

windows10-2004-x64

Sharing

General

Target

po.exe
Size

1.2MB
Sample

221123-vhdmwsca3w
MD5

9f47406520b38e4f56e23574dd77f25b
SHA1

08b429e3c04ee8ab3dee4f767538e1d7402e9d83
SHA256

9bf192a23eeb844b6e8b01c41d085d1c2bfb576653732d99d7468571f1a28fb5
SHA512

93bcb463ebf88daf2fcdfcea2e2e79afdf3376f5fe36fd24ec1f622eaad2a4079749a15ba9ff0c9d7e0034ecb4b4362b7b5b06c01ebd2edb9983415b71a1cbf3
SSDEEP

12288:/ZwVYsZ1DX/VDJtV7WtfpC2wsRaq5ldSupauq7ovqVxRAmszPE/aHLwLKWF/JeDD:/SVYkEgsRaqHcHUELGPyYL8KK6je

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

po.exe

Resource

win7-20221111-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

po.exe

Resource

win10v2004-20221111-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5088709131:AAFHCIxHU907RAI3XEaH2G6LgE9wrdrAgI0/sendDocument

Targets

- Target
  
  po.exe
- Size
  
  1.2MB
- MD5
  
  9f47406520b38e4f56e23574dd77f25b
- SHA1
  
  08b429e3c04ee8ab3dee4f767538e1d7402e9d83
- SHA256
  
  9bf192a23eeb844b6e8b01c41d085d1c2bfb576653732d99d7468571f1a28fb5
- SHA512
  
  93bcb463ebf88daf2fcdfcea2e2e79afdf3376f5fe36fd24ec1f622eaad2a4079749a15ba9ff0c9d7e0034ecb4b4362b7b5b06c01ebd2edb9983415b71a1cbf3
- SSDEEP
  
  12288:/ZwVYsZ1DX/VDJtV7WtfpC2wsRaq5ldSupauq7ovqVxRAmszPE/aHLwLKWF/JeDD:/SVYkEgsRaqHcHUELGPyYL8KK6je
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy