agenttesla | ce7fe275dadb04e2b8065fbeffac933658ac8429829280447c9ce07751128f69 | Triage

Submit
Reports

Overview

overview

Static

static

3

94f41b1023...c2.exe

windows7-x64

94f41b1023...c2.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

6b95c035445735c11db327f763177c66.bin
Size

381KB
Sample

231103-cgcebscd68
MD5

248e80e3d2dfb784fde626c92648e66e
SHA1

38c23c4fcf7ae10210396c454398b1a52f9bfd9b
SHA256

ce7fe275dadb04e2b8065fbeffac933658ac8429829280447c9ce07751128f69
SHA512

daa1f7a2816512de294250367cc0c016a42aab64e06cb46efdae136555906bd5ce59fc2af3ed13a07f1be21ef2efc5a5a107de6a96dbf5aa01f6acf901a2c911
SSDEEP

6144:lnNgVAUhdxuoKtvFm+uAj+v5Vn5+Zno9iI+S0elisRvhth4LC7aXpcVq4gHP26/7:ZaVddxTSykw0edvzh+C7aXpc+O6/xt

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

94f41b10238cb779f5362938093c577bcb1ed8ab3b4dec75b48ad735807072c2.exe

Resource

win7-20231025-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

94f41b10238cb779f5362938093c577bcb1ed8ab3b4dec75b48ad735807072c2.exe

Resource

win10v2004-20231025-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
gator3220.hostgator.com
Port:
587
Username:
[email protected]
Password:
MahaKPs7^^!@@ng@!
Email To:
[email protected]

Targets

- Target
  
  94f41b10238cb779f5362938093c577bcb1ed8ab3b4dec75b48ad735807072c2.exe
- Size
  
  403KB
- MD5
  
  6b95c035445735c11db327f763177c66
- SHA1
  
  e32847939b84ace3cf921f595e51ddbb0d02b179
- SHA256
  
  94f41b10238cb779f5362938093c577bcb1ed8ab3b4dec75b48ad735807072c2
- SHA512
  
  9b90b4e1f75227957e44e65adf0b042b8017e7c813122ec0cbd92acb6633be3c258e88786fb433dc847dedbf73a39d634c5bfc52a1a6ad9522eb7b6e93e12a78
- SSDEEP
  
  6144:SbyjS5FFRqt+eoEg6HorcoUrRQFyqw1d1sMGnjpnVAwuNWuM6qHfdw2I:+RPFGlZZ11ff6MkAwuIuM6M
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy