agenttesla | 9313fe726df71a9a251ff4c7cbeacd9ddd6f187a747c4d3f25f93ecc070de738 | Triage

Submit
Reports

Overview

overview

Static

static

3

9313fe726d...38.exe

windows7-x64

9313fe726d...38.exe

windows10-2004-x64

Sharing

General

Target

9313fe726df71a9a251ff4c7cbeacd9ddd6f187a747c4d3f25f93ecc070de738
Size

722KB
Sample

231206-c6sslsad76
MD5

e1b84cc702389fffaeecf94481e7158d
SHA1

3b0e8e30f939c27e1e367310a0574d095b49eb0a
SHA256

9313fe726df71a9a251ff4c7cbeacd9ddd6f187a747c4d3f25f93ecc070de738
SHA512

be04219495a6bf75c853ec530d298a4be1b6cbfe54e81cdcbe6286643f774325d86dd2a26da5fb6cac253cb7e9d534738660581f29e07d715caaa1a150f06c86
SSDEEP

12288:C/w5nF8ME6jD/L636xR123PtBojgkVC/pqCy+xeeODKnrWC8xxTlCRVW:CYPtD/KI123PbLEseF284VW

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9313fe726df71a9a251ff4c7cbeacd9ddd6f187a747c4d3f25f93ecc070de738.exe

Resource

win7-20231020-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

9313fe726df71a9a251ff4c7cbeacd9ddd6f187a747c4d3f25f93ecc070de738.exe

Resource

win10v2004-20231127-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.trisquarespl.com
Port:
587
Username:
[email protected]
Password:
vphYSHb*2
Email To:
[email protected]

Targets

- Target
  
  9313fe726df71a9a251ff4c7cbeacd9ddd6f187a747c4d3f25f93ecc070de738
- Size
  
  722KB
- MD5
  
  e1b84cc702389fffaeecf94481e7158d
- SHA1
  
  3b0e8e30f939c27e1e367310a0574d095b49eb0a
- SHA256
  
  9313fe726df71a9a251ff4c7cbeacd9ddd6f187a747c4d3f25f93ecc070de738
- SHA512
  
  be04219495a6bf75c853ec530d298a4be1b6cbfe54e81cdcbe6286643f774325d86dd2a26da5fb6cac253cb7e9d534738660581f29e07d715caaa1a150f06c86
- SSDEEP
  
  12288:C/w5nF8ME6jD/L636xR123PtBojgkVC/pqCy+xeeODKnrWC8xxTlCRVW:CYPtD/KI123PbLEseF284VW
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy