agenttesla | d7f4fe4f49d455cf114c05830ee5dbea9b8a37cf0fcd48b834d33e043928665f | Triage

Submit
Reports

Overview

overview

Static

static

3

PO OAU_NOV...DF.scr

windows7-x64

PO OAU_NOV...DF.scr

windows10-2004-x64

Sharing

General

Target

D7F4FE4F49D455CF114C05830EE5DBEA9B8A37CF0FCD48B834D33E043928665F
Size

386KB
Sample

231206-eptppaba93
MD5

7cb0057f1e8cda251a16e1384d10adda
SHA1

11468dec68c4d8065136907631f51b76172dca58
SHA256

d7f4fe4f49d455cf114c05830ee5dbea9b8a37cf0fcd48b834d33e043928665f
SHA512

99c1934dbeebdf3c1caa768476a738f5cdd99ef00a4f4612e69abea6f242cd5017786c787ebbbe6dbaea59e5dfd8e2e7421d4c8d19781024f19590d3a003334a
SSDEEP

6144:nDD1SMY3tZhNr9Mi6FiLHCOnLxPyDwsuHPziiQGrY/ZnO+OSd3N7hlVXT/L:DELtZHqvi7Cy8DwK/ZjJhr5

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

PO OAU_NOVQTRFA00541·PDF.scr

Resource

win7-20231023-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

PO OAU_NOVQTRFA00541·PDF.scr

Resource

win10v2004-20231127-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
breijhyswzsjmyqd
Email To:
[email protected]

Targets

- Target
  
  PO OAU_NOVQTRFA00541·PDF.scr
- Size
  
  813KB
- MD5
  
  01117545c435423593adf192c6361730
- SHA1
  
  8bfbf242a8980921ebf82f8a1bd64c9313b9715d
- SHA256
  
  b1408013b2aafe2fdfc5a240945fce0d2b784862b8343d8297afbf031d02dd33
- SHA512
  
  b0c7b610bee518cc520226f23594464a32d166e98959b46c45989a583f78b5b8d3670b1309e632e967e79ed5d8267ee639da49f0b024e5a40c6dc03c129768cf
- SSDEEP
  
  12288:eiJUgNlYQginsOnNPkoJlVD5aPI7r4krvby:euUgNldnJhFJl/iI7frvby
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy