agenttesla | 80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89 | Triage

Submit
Reports

Overview

overview

Static

static

3

80211631ed...89.exe

windows7-x64

80211631ed...89.exe

windows10-2004-x64

Sharing

General

Target

80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89
Size

704KB
Sample

231209-b74qtsfeh2
MD5

1e200c8b6c2ffe0622eed61f1c842660
SHA1

9b5fab6deb498f0ef04fd1b4815bae9af86240e8
SHA256

80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89
SHA512

7391f56b799141a8c409336d0075f35b7d43d43692193518440a655d89f1be275d27e1b1ae7ea01b084858dd5534192ad406c314c9a4de87ce0624b7d3b42990
SSDEEP

12288:Le2FV4Nq/QIi7sgblxIDmAviJoEyTZ33a33S333333+H:LmQIb7NwDU2OH

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89.exe

Resource

win7-20231201-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89.exe

Resource

win10v2004-20231127-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
gator3220.hostgator.com
Port:
587
Username:
[email protected]
Password:
RS#w!TZ505!!@@ND
Email To:
[email protected]

Targets

- Target
  
  80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89
- Size
  
  704KB
- MD5
  
  1e200c8b6c2ffe0622eed61f1c842660
- SHA1
  
  9b5fab6deb498f0ef04fd1b4815bae9af86240e8
- SHA256
  
  80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89
- SHA512
  
  7391f56b799141a8c409336d0075f35b7d43d43692193518440a655d89f1be275d27e1b1ae7ea01b084858dd5534192ad406c314c9a4de87ce0624b7d3b42990
- SSDEEP
  
  12288:Le2FV4Nq/QIi7sgblxIDmAviJoEyTZ33a33S333333+H:LmQIb7NwDU2OH
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy