agenttesla | 9196273424391332296b033958a8271b9937e8688e3a3c36bd04d5dd62f164cc | Triage

Submit
Reports

Overview

overview

Static

static

9196273424...cc.exe

windows7-x64

9196273424...cc.exe

windows10-2004-x64

Sharing

General

Target

9196273424391332296b033958a8271b9937e8688e3a3c36bd04d5dd62f164cc.exe
Size

729KB
Sample

221208-naagyacg5s
MD5

87458cb86833d07252ebb09ce2704110
SHA1

49327866d96179f67facbf3e542e5ca94f57bdfd
SHA256

9196273424391332296b033958a8271b9937e8688e3a3c36bd04d5dd62f164cc
SHA512

5e040e8b0f70c552512da26002c38601671d758713e9a84d81a4af33e91ea5dda2b2f16792355622f24f619c8c4b1b26e8e94656f7e7d98858f8c70216126aca
SSDEEP

12288:Dtgh/PsZ1DX/VDJVJDtEfUbtbAKhT/P1dcL3Dc/E2WgMe:Dtgh/PWJ6Ubtb7hTTKDc5WgMe

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

9196273424391332296b033958a8271b9937e8688e3a3c36bd04d5dd62f164cc.exe

Resource

win7-20220812-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

9196273424391332296b033958a8271b9937e8688e3a3c36bd04d5dd62f164cc.exe

Resource

win10v2004-20220812-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5088709131:AAFHCIxHU907RAI3XEaH2G6LgE9wrdrAgI0/sendDocument

Targets

- Target
  
  9196273424391332296b033958a8271b9937e8688e3a3c36bd04d5dd62f164cc.exe
- Size
  
  729KB
- MD5
  
  87458cb86833d07252ebb09ce2704110
- SHA1
  
  49327866d96179f67facbf3e542e5ca94f57bdfd
- SHA256
  
  9196273424391332296b033958a8271b9937e8688e3a3c36bd04d5dd62f164cc
- SHA512
  
  5e040e8b0f70c552512da26002c38601671d758713e9a84d81a4af33e91ea5dda2b2f16792355622f24f619c8c4b1b26e8e94656f7e7d98858f8c70216126aca
- SSDEEP
  
  12288:Dtgh/PsZ1DX/VDJVJDtEfUbtbAKhT/P1dcL3Dc/E2WgMe:Dtgh/PWJ6Ubtb7hTTKDc5WgMe
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy