agenttesla | 149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace | Triage

Submit
Reports

Overview

overview

Static

static

149fee78d8...ce.exe

windows7-x64

149fee78d8...ce.exe

windows10-2004-x64

Sharing

General

Target

149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace
Size

154.0MB
Sample

231204-bwjlhsgd54
MD5

0e3961b63c79cfd5450af6a072df2cf4
SHA1

e5aa08783dce22db20ea2791c8bd9e555dbe91a1
SHA256

149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace
SHA512

360e9c51f5825a973a1ceb6b9c0dcdd580715e72dbef6bd3f409d73cf88b776b316ec08023c90470f7e7de5dfa81a3c4bdcddf4b7a221fa722e8ba68828cc0e9
SSDEEP

1572864:UafzGToO0fw1GZrhqWKnUlqdoT43pv8Mx58REy0DZlecF:HfzdhbIoTY5zZAY

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace.exe

Resource

win7-20231130-en

agenttesla keylogger spyware stealer trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace.exe

Resource

win10v2004-20231127-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace
- Size
  
  154.0MB
- MD5
  
  0e3961b63c79cfd5450af6a072df2cf4
- SHA1
  
  e5aa08783dce22db20ea2791c8bd9e555dbe91a1
- SHA256
  
  149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace
- SHA512
  
  360e9c51f5825a973a1ceb6b9c0dcdd580715e72dbef6bd3f409d73cf88b776b316ec08023c90470f7e7de5dfa81a3c4bdcddf4b7a221fa722e8ba68828cc0e9
- SSDEEP
  
  1572864:UafzGToO0fw1GZrhqWKnUlqdoT43pv8Mx58REy0DZlecF:HfzdhbIoTY5zZAY
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy