agenttesla | 90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

90d3f9df2e...b9.exe

windows7-x64

90d3f9df2e...b9.exe

windows10-2004-x64

Sharing

General

Target

90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9
Size

729KB
Sample

240202-c4g84aecdk
MD5

fcd5fbce64b30ce17bbd688b8d5d34ea
SHA1

1650bcd77bc0c71678d0a231a1d99b3fca5b7608
SHA256

90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9
SHA512

9dd0b0bee26e52d19b12a78814977e75bf445919868f3d102f8d97ebc61be324fbb6bf5d7870e0ce7c51acf392e03a0266d8c1d1c0958eb219d5f45b5c813205
SSDEEP

12288:CayAoIFFHgeg/cjoraEMNGZvrzYfnuaspgr5czQhUl/gHmAxhfGWW4Xr:CayAXFxoaEMNGZvrmnuSrezeUlgPxN1h

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9.exe

Resource

win7-20231215-en

agenttesla keylogger spyware stealer trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9.exe

Resource

win10v2004-20231215-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
[email protected]
Password:
@BPkIlloCGraceD7@1
Email To:
[email protected]

Targets

- Target
  
  90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9
- Size
  
  729KB
- MD5
  
  fcd5fbce64b30ce17bbd688b8d5d34ea
- SHA1
  
  1650bcd77bc0c71678d0a231a1d99b3fca5b7608
- SHA256
  
  90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9
- SHA512
  
  9dd0b0bee26e52d19b12a78814977e75bf445919868f3d102f8d97ebc61be324fbb6bf5d7870e0ce7c51acf392e03a0266d8c1d1c0958eb219d5f45b5c813205
- SSDEEP
  
  12288:CayAoIFFHgeg/cjoraEMNGZvrzYfnuaspgr5czQhUl/gHmAxhfGWW4Xr:CayAXFxoaEMNGZvrmnuSrezeUlgPxN1h
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy