agenttesla | d3a0ed9c610f5222c36c47cbcf31586ece30fcc4e1ef758d9ea40e40650a2e8d | Triage

Submit
Reports

Overview

overview

Static

static

7

Ghost Cosm...um.exe

windows11-21h2-x64

Resubmissions

09-12-2023 15:55

231209-tcxyxahcaj 10

Sharing

General

Target

Ghost Cosmetics Premium.exe
Size

16.3MB
Sample

231209-tcxyxahcaj
MD5

5c55e14e94c0e65e5e5965a2a45cd6d7
SHA1

e646d601e67b80e98412efb254c6f9230b711823
SHA256

d3a0ed9c610f5222c36c47cbcf31586ece30fcc4e1ef758d9ea40e40650a2e8d
SHA512

585e8b54e2f7e9cbb35a2a98adc2b520d9e9a947f708e7b67c739b44813660fa3f4964bfde33f29f146e128c060260d6eded3464bf9b3ec1ec274b9ce1823263
SSDEEP

393216:RbGRYyAZtRPGh6YDhim6uLTi093Fq6zph+LvvLUqW01fiO:Rts6YDhiR0TD91qkph+HR

Score

10^/10

agenttesla keylogger spyware stealer trojan vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Ghost Cosmetics Premium.exe

Resource

win11-20231128-en

agenttesla keylogger spyware stealer trojan vmprotect

windows11-21h2-x64

5 signatures

300 seconds

Malware Config

Targets

- Target
  
  Ghost Cosmetics Premium.exe
- Size
  
  16.3MB
- MD5
  
  5c55e14e94c0e65e5e5965a2a45cd6d7
- SHA1
  
  e646d601e67b80e98412efb254c6f9230b711823
- SHA256
  
  d3a0ed9c610f5222c36c47cbcf31586ece30fcc4e1ef758d9ea40e40650a2e8d
- SHA512
  
  585e8b54e2f7e9cbb35a2a98adc2b520d9e9a947f708e7b67c739b44813660fa3f4964bfde33f29f146e128c060260d6eded3464bf9b3ec1ec274b9ce1823263
- SSDEEP
  
  393216:RbGRYyAZtRPGh6YDhim6uLTi093Fq6zph+LvvLUqW01fiO:Rts6YDhiR0TD91qkph+HR
Score

10^/10

agenttesla keylogger spyware stealer trojan vmprotect
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojanvmprotect

© 2018-2024

Terms | Privacy