agenttesla | 201c44ea2b025aed04606e37c44e9d1a75853b6f75bd2aaf4a2d6603f6a84774 | Triage

Submit
Reports

Overview

overview

Static

static

5

NEW QUOTE8...43.exe

windows7-x64

NEW QUOTE8...43.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

201c44ea2b025aed04606e37c44e9d1a75853b6f75bd2aaf4a2d6603f6a84774
Size

679KB
Sample

240123-bpf7taeefr
MD5

32f5a210068fc159eb5e851ad20b35be
SHA1

3118340efcd65fa27c76c54d9070925c50037a32
SHA256

201c44ea2b025aed04606e37c44e9d1a75853b6f75bd2aaf4a2d6603f6a84774
SHA512

1b6f0439bd4e90eaecbafe21f08ad7b896d410401869279cbe157450422c83f92301bab4d2bbf9e5f140504ce13c44c6dcfed1453689ab7b7fe0d5f9926b7607
SSDEEP

12288:fuqq55VKI36284lmGI2w/SeHHYtVivh4YqALloBBM/+/24++5drcgLSqLl/:Y5bKX34ng/JnYSvqY1CBi+/T5vWKx

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

NEW QUOTE87654328976543.exe

Resource

win7-20231215-en

agenttesla collection keylogger spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEW QUOTE87654328976543.exe

Resource

win10v2004-20231222-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.worlorderbillions.top
Port:
587
Username:
[email protected]
Password:
7ace90qwerty
Email To:
[email protected]

Targets

- Target
  
  NEW QUOTE87654328976543.exe
- Size
  
  1.2MB
- MD5
  
  c490b0e6588c18dd40208d88f77fef2a
- SHA1
  
  5d6201eeae9cf2f07f1445c82d6c9ac05f3ec391
- SHA256
  
  4dc7de74640475ad2c0f98468696d2fef1123a933da77a2bbf9369c879719938
- SHA512
  
  553ae497d268b12b26b0fd3a8eeb3efe76074f43d9ec2e2a78368515b6d2fd00f8b10dd90104a343ca5a150e7d81a9b97811cf311977ec768dbcf91159f7ad8a
- SSDEEP
  
  24576:aqDEvCTbMWu7rQYlBQcBiT6rprG8a25hMD5b5HqQ:aTvC/MTQYxsWR7a2vMXHq
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy