agenttesla | e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

e8c50e1ab1...b7.exe

windows7-x64

e8c50e1ab1...b7.exe

windows10-2004-x64

Sharing

General

Target

e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7
Size

1.3MB
Sample

240203-b2ymmadhg3
MD5

5d762b6b02a088d09c6c5376f2a45110
SHA1

a178a3968678e68efa5ab44f2343971670fdc10c
SHA256

e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7
SHA512

77af03fb2ad4ea5993f719be031debfee8a5b7956d8c50b4c755a25ad41297f83d1a2e1835b21b136e42eaedbc6f2c2d20400c49d1500b4d3552ff402a43826f
SSDEEP

24576:vAHnh+eWsN3skA4RV1Hom2KXMmHan8QnGDLRKbhLBDU+iI3+85:Sh+ZkldoPK8Ya8QnGDLRcLhLiId

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7.exe

Resource

win7-20231215-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7.exe

Resource

win10v2004-20231215-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7
- Size
  
  1.3MB
- MD5
  
  5d762b6b02a088d09c6c5376f2a45110
- SHA1
  
  a178a3968678e68efa5ab44f2343971670fdc10c
- SHA256
  
  e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7
- SHA512
  
  77af03fb2ad4ea5993f719be031debfee8a5b7956d8c50b4c755a25ad41297f83d1a2e1835b21b136e42eaedbc6f2c2d20400c49d1500b4d3552ff402a43826f
- SSDEEP
  
  24576:vAHnh+eWsN3skA4RV1Hom2KXMmHan8QnGDLRKbhLBDU+iI3+85:Sh+ZkldoPK8Ya8QnGDLRcLhLiId
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratkeyloggerratspywarestealertrojan

© 2018-2025

Terms | Privacy