agenttesla | 2d63c7065f4924e91461a07ccefafbddc4d7944cc5cbf0ad543a7c7f8103d36e | Triage

Submit
Reports

Overview

overview

Static

static

3

NEAS.2d63c...6e.exe

windows7-x64

NEAS.2d63c...6e.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2d63c7065f4924e91461a07ccefafbddc4d7944cc5cbf0ad543a7c7f8103d36e.exe
Size

772KB
Sample

231116-v6mwgafc7s
MD5

8c40f84675de67fae86c52e10a934795
SHA1

2a2bc66b2b67506ffea6df556a58867048d8bdec
SHA256

2d63c7065f4924e91461a07ccefafbddc4d7944cc5cbf0ad543a7c7f8103d36e
SHA512

febefe90958b0b1bee3762a730438533230da7043d69b6381db0008353d7ad4bc72b75cad5167f3a545dea80899a7a42d23021f9c99016375eb199c1e126ac3b
SSDEEP

12288:SmR83xrqRhBwI1sn+hvOFLH8IYt+0DwLHh:SmuBrqRhBb6LHOD6Hh

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

NEAS.2d63c7065f4924e91461a07ccefafbddc4d7944cc5cbf0ad543a7c7f8103d36e.exe

Resource

win7-20231025-en

agenttesla keylogger spyware stealer trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.2d63c7065f4924e91461a07ccefafbddc4d7944cc5cbf0ad543a7c7f8103d36e.exe

Resource

win10v2004-20231023-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.apexthreads.com
Port:
587
Username:
[email protected]
Password:
^YD1security^
Email To:
[email protected]

Targets

- Target
  
  NEAS.2d63c7065f4924e91461a07ccefafbddc4d7944cc5cbf0ad543a7c7f8103d36e.exe
- Size
  
  772KB
- MD5
  
  8c40f84675de67fae86c52e10a934795
- SHA1
  
  2a2bc66b2b67506ffea6df556a58867048d8bdec
- SHA256
  
  2d63c7065f4924e91461a07ccefafbddc4d7944cc5cbf0ad543a7c7f8103d36e
- SHA512
  
  febefe90958b0b1bee3762a730438533230da7043d69b6381db0008353d7ad4bc72b75cad5167f3a545dea80899a7a42d23021f9c99016375eb199c1e126ac3b
- SSDEEP
  
  12288:SmR83xrqRhBwI1sn+hvOFLH8IYt+0DwLHh:SmuBrqRhBb6LHOD6Hh
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy