agenttesla | c9854648a65f70285fb1922fa04ec64be1865c24c9bf6bcd20d8fcfd6640b607 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

f94d06ef8c...b8.exe

windows7-x64

f94d06ef8c...b8.exe

windows10-2004-x64

Sharing

General

Target

9fcfd49cab037d685a5237f4a8987132.bin
Size

730KB
Sample

240115-dxz11ahde5
MD5

83dfe186895cc412e62b3b11a7d62e44
SHA1

d69b9bab131c92340bb72ba7b0e9c5db77f900b3
SHA256

c9854648a65f70285fb1922fa04ec64be1865c24c9bf6bcd20d8fcfd6640b607
SHA512

d70ed1c223ae0a470754315c6dab831c33e648a8f1d9e336b8ff8f7c2c62290cd1266a970a53e6983d19f195286d755a71432afe4a67909676345d2c0a4e585c
SSDEEP

12288:bp5QE3JwFGnFhuRG0f1mbziu9gSvQ/fAx1CoQwSbSk53dKBs:95QE3iFts0ffuySQ/UlQak/Ka

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f94d06ef8ca2b0ba82d7b87527ff277b534c80e96fe8d7bff5fb0b8ebe4e65b8.exe

Resource

win7-20231215-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f94d06ef8ca2b0ba82d7b87527ff277b534c80e96fe8d7bff5fb0b8ebe4e65b8.exe

Resource

win10v2004-20231215-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
bezelety.top
Port:
587
Username:
[email protected]
Password:
IxF(..bSed6k
Email To:
[email protected]

Targets

- Target
  
  f94d06ef8ca2b0ba82d7b87527ff277b534c80e96fe8d7bff5fb0b8ebe4e65b8.exe
- Size
  
  1.3MB
- MD5
  
  9fcfd49cab037d685a5237f4a8987132
- SHA1
  
  556b109fdfa4e2d61504b34f6ffc9f45ad92f3a1
- SHA256
  
  f94d06ef8ca2b0ba82d7b87527ff277b534c80e96fe8d7bff5fb0b8ebe4e65b8
- SHA512
  
  140cf8c051a89edffa5a7adb24aae8a11c8f993a69b4f33c6a6274461674179a44adaa0cdfeebac0e16b201d5cf6764bdcbf4f772b09d41472c8de3cb8e0a977
- SSDEEP
  
  24576:FqDEvCTbMWu7rQYlBQcBiT6rprG8aZaxzcFe+vuapMrF8n:FTvC/MTQYxsWR7a4xuewuaq
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy