agenttesla | ec90aedf80763b313c646fd0c62b4a7f627d3df787416e562d276e76022bc857 | Triage

Submit
Reports

Overview

overview

Static

static

Payment.exe

windows7-x64

Payment.exe

windows10-2004-x64

Sharing

General

Target

Payment.exe
Size

584KB
Sample

221205-nbq63shb8v
MD5

a158bd528300b85b97ceabdb5ce89ec7
SHA1

291341762d795899609f283ec1acdb4ac2bc6a6f
SHA256

ec90aedf80763b313c646fd0c62b4a7f627d3df787416e562d276e76022bc857
SHA512

96d61cc09f96a126f9b3b39556b87c1baf47b58d28c4b5192647a8b9aa1121a1f5fe2306aacc6491eef3442959701c207207e2976699efc0a71e22fd851c5781
SSDEEP

12288:xeqKCgTod2M+g0EiQ4/Bv3h3MaUZ9KtaS2OgiotlMDXthPaasNLMl9jq:MqKsh02C7MVwf2O3otlk9Rs5k9j

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Payment.exe

Resource

win7-20220901-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Payment.exe

Resource

win10v2004-20221111-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5083863399:AAH9g72QTdN88jNOd6_tBrE8gEd-FpXnfHE/sendDocument

Targets

- Target
  
  Payment.exe
- Size
  
  584KB
- MD5
  
  a158bd528300b85b97ceabdb5ce89ec7
- SHA1
  
  291341762d795899609f283ec1acdb4ac2bc6a6f
- SHA256
  
  ec90aedf80763b313c646fd0c62b4a7f627d3df787416e562d276e76022bc857
- SHA512
  
  96d61cc09f96a126f9b3b39556b87c1baf47b58d28c4b5192647a8b9aa1121a1f5fe2306aacc6491eef3442959701c207207e2976699efc0a71e22fd851c5781
- SSDEEP
  
  12288:xeqKCgTod2M+g0EiQ4/Bv3h3MaUZ9KtaS2OgiotlMDXthPaasNLMl9jq:MqKsh02C7MVwf2O3otlk9Rs5k9j
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy