agenttesla | 0d978c4233eb92b8e3b73fb445c9c1b42a99af8ddeb005a50a648ff18a519945 | Triage

Submit
Reports

Overview

overview

Static

static

0d978c4233...45.exe

windows7-x64

0d978c4233...45.exe

windows10-2004-x64

Sharing

General

Target

0d978c4233eb92b8e3b73fb445c9c1b42a99af8ddeb005a50a648ff18a519945
Size

540KB
Sample

221130-wqjpjsfe2z
MD5

17374bee9f7614c03fe8efafad46b825
SHA1

54ab5ecdfe57c065f95477092531437f27ebc26d
SHA256

0d978c4233eb92b8e3b73fb445c9c1b42a99af8ddeb005a50a648ff18a519945
SHA512

b6e2977d557aaeb3061d085be6fd24b9de9837af383a0acc154b0372fdd85dbd592549b2f04f99cff551a54f30e5388be25d5c95d93a7868792c4c443119c002
SSDEEP

12288:r/LJwaKOvSxt/Nnzcd3D3IWZMIwjbr1r4eUPB7enz:plvO/Nzcd3wjbJMfVK

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

0d978c4233eb92b8e3b73fb445c9c1b42a99af8ddeb005a50a648ff18a519945.exe

Resource

win7-20220812-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0d978c4233eb92b8e3b73fb445c9c1b42a99af8ddeb005a50a648ff18a519945.exe

Resource

win10v2004-20220812-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.publigestion.es
Port:
587
Username:
[email protected]
Password:
}y2[j3p7t&Ig
Email To:
[email protected]

Targets

- Target
  
  0d978c4233eb92b8e3b73fb445c9c1b42a99af8ddeb005a50a648ff18a519945
- Size
  
  540KB
- MD5
  
  17374bee9f7614c03fe8efafad46b825
- SHA1
  
  54ab5ecdfe57c065f95477092531437f27ebc26d
- SHA256
  
  0d978c4233eb92b8e3b73fb445c9c1b42a99af8ddeb005a50a648ff18a519945
- SHA512
  
  b6e2977d557aaeb3061d085be6fd24b9de9837af383a0acc154b0372fdd85dbd592549b2f04f99cff551a54f30e5388be25d5c95d93a7868792c4c443119c002
- SSDEEP
  
  12288:r/LJwaKOvSxt/Nnzcd3D3IWZMIwjbr1r4eUPB7enz:plvO/Nzcd3wjbJMfVK
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy