agenttesla | 7f19e4ea2342241c1abf3ed44b08ff44caaa4b5b389d89736e972cdfb576e400 | Triage

Submit
Reports

Overview

overview

Static

static

3

5c3663fb8a...07.exe

windows7-x64

5c3663fb8a...07.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

5c3663fb8a066ce3dc7ed31f59e98607.exe
Size

788KB
Sample

231101-n1hk8shg98
MD5

5c3663fb8a066ce3dc7ed31f59e98607
SHA1

e11cd37bf8042fbf5a8d6ec65b8febe1531a2e7d
SHA256

7f19e4ea2342241c1abf3ed44b08ff44caaa4b5b389d89736e972cdfb576e400
SHA512

d31a7b0c8f470714cf17f4127f968f2c844f514d36eb3db3736d0add4031fd725464683300769f2000395fae5b29cfc66f48295f244940bc91ff719095dab52d
SSDEEP

12288:xlKnuaEXqXdVdUnV3MJ4cLXiRIe7vVRmJLgvG+u6ns+tHZ:GL4qXdVdUnC+cL+r7vVR8gvGyxtHZ

Score

10^/10

agenttesla zgrat collection keylogger rat spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5c3663fb8a066ce3dc7ed31f59e98607.exe

Resource

win7-20231020-en

agenttesla zgrat collection keylogger rat spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

5c3663fb8a066ce3dc7ed31f59e98607.exe

Resource

win10v2004-20231023-en

agenttesla zgrat collection keylogger rat spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
sarahfoils.com
Port:
587
Username:
[email protected]
Password:
Scalatica01
Email To:
[email protected]

Targets

- Target
  
  5c3663fb8a066ce3dc7ed31f59e98607.exe
- Size
  
  788KB
- MD5
  
  5c3663fb8a066ce3dc7ed31f59e98607
- SHA1
  
  e11cd37bf8042fbf5a8d6ec65b8febe1531a2e7d
- SHA256
  
  7f19e4ea2342241c1abf3ed44b08ff44caaa4b5b389d89736e972cdfb576e400
- SHA512
  
  d31a7b0c8f470714cf17f4127f968f2c844f514d36eb3db3736d0add4031fd725464683300769f2000395fae5b29cfc66f48295f244940bc91ff719095dab52d
- SSDEEP
  
  12288:xlKnuaEXqXdVdUnV3MJ4cLXiRIe7vVRmJLgvG+u6ns+tHZ:GL4qXdVdUnC+cL+r7vVR8gvGyxtHZ
Score

10^/10

agenttesla zgrat collection keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslazgratcollectionkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratcollectionkeyloggerratspywarestealertrojan

© 2018-2025

Terms | Privacy