agenttesla | fc2c64880d94d3b09871ba942db34f781b8f26a4bce3f177ff6383f728f3e42a | Triage

Submit
Reports

Overview

overview

Static

static

3

QUOTATION#00865.exe

windows7-x64

QUOTATION#00865.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

QUOTATION#00865.exe
Size

3.1MB
Sample

231127-jptrxafb87
MD5

1fbcd56c055b85eca05232a0703b132b
SHA1

01e24d6265142c4fbcefaaf39738c3f44b59d31b
SHA256

fc2c64880d94d3b09871ba942db34f781b8f26a4bce3f177ff6383f728f3e42a
SHA512

08f5dfc2a635e9fcace20b393a9b45d4a1d53866cf8df77f0500a074042e242cb0d16cd057319397b1b080db61118c02c5b770e3442aacbe34066951cbe450b1
SSDEEP

49152:Z0Fng4F/H3k1X3iR9LvjdHiJKSZDRJS2PiRR7Cp5FiK:E/HNGKSZDWe

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

QUOTATION#00865.exe

Resource

win7-20231023-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

QUOTATION#00865.exe

Resource

win10v2004-20231020-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
ftp.ercolina-usa.com
Port:
21
Username:
[email protected]
Password:
e2{!tG9K(4HG

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.ercolina-usa.com
Port:
21
Username:
[email protected]
Password:
e2{!tG9K(4HG

Targets

- Target
  
  QUOTATION#00865.exe
- Size
  
  3.1MB
- MD5
  
  1fbcd56c055b85eca05232a0703b132b
- SHA1
  
  01e24d6265142c4fbcefaaf39738c3f44b59d31b
- SHA256
  
  fc2c64880d94d3b09871ba942db34f781b8f26a4bce3f177ff6383f728f3e42a
- SHA512
  
  08f5dfc2a635e9fcace20b393a9b45d4a1d53866cf8df77f0500a074042e242cb0d16cd057319397b1b080db61118c02c5b770e3442aacbe34066951cbe450b1
- SSDEEP
  
  49152:Z0Fng4F/H3k1X3iR9LvjdHiJKSZDRJS2PiRR7Cp5FiK:E/HNGKSZDWe
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy