agenttesla | 02d0d19371e5a668781776b2d23c99db6196c9ea52fe23ed0821016836c1d0b1 | Triage

Submit
Reports

Overview

overview

Static

static

5

MPFB-TGC-R...09.exe

windows7-x64

MPFB-TGC-R...09.exe

windows10-2004-x64

Sharing

General

Target

02d0d19371e5a668781776b2d23c99db6196c9ea52fe23ed0821016836c1d0b1
Size

692KB
Sample

240125-bsyw2adbb5
MD5

3fbc7d14a088484bebb5531be8c5e686
SHA1

bf5ab6eb9074577568d21615149fc8ddcb47963a
SHA256

02d0d19371e5a668781776b2d23c99db6196c9ea52fe23ed0821016836c1d0b1
SHA512

c3dfd0aad90e1b785b6cf6c3c107c0512edfdf5967169833ed46476dd0d4e7e21eae91edd0129885c997eaac4916d66054cb582a8c0a5ccc70fc623a0ffd750f
SSDEEP

12288:lRmR9+d9EMPqm0Uw977I+Z8NtqyPv6MwDesQzjwQ1kxLCbY5j38R+B1qz3rzX9zw:lRiA9XCgzA8NtvPv6Z6scULCb245rzNs

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

MPFB-TGC-RFQ-STR-016-00 33056 GHM009.exe

Resource

win7-20231215-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

MPFB-TGC-RFQ-STR-016-00 33056 GHM009.exe

Resource

win10v2004-20231215-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
bezelety.top
Port:
587
Username:
[email protected]
Password:
IxF(..bSed6k
Email To:
[email protected]

Targets

- Target
  
  MPFB-TGC-RFQ-STR-016-00 33056 GHM009.exe
- Size
  
  1.2MB
- MD5
  
  34a5ed066c09a498963140f92b66d41c
- SHA1
  
  a4885613ae758a0aa92e87c1a2770e5034172a01
- SHA256
  
  5350209f3176a8786b2c9d52b7d1c862070d838aab649d39f1cc854bfb3d61c1
- SHA512
  
  cb7e83993172f8784c2d0e58099a023551dcb9129654a2a385b3b1e7478f56d3dc8e94c6eada5fd195cb407a228bba8470462bf1a4c6bb37c98418b7da49fdb7
- SSDEEP
  
  24576:OAHnh+eWsN3skA4RV1Hom2KXMmHaQcGmLCBCo5rzPI5:5h+ZkldoPK8YajGkCBCanG
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy