agenttesla | 23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

23a41237b7...e7.exe

windows7-x64

23a41237b7...e7.exe

windows10-2004-x64

Sharing

General

Target

23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7
Size

1.6MB
Sample

240222-bd9pzshf2v
MD5

c1593185065ee09700c89d8c4d12e170
SHA1

29f47d63fda09f396fb0d2583b9ed687601ad207
SHA256

23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7
SHA512

9105d70c84c8f5755b8328fa19e5d91cf82c218ca3ee3e94f9c3011e748939c392361294e02509a763a9fd482e35f297f49cca1cca69821187b69f2ca027c174
SSDEEP

24576:4qDEvCTbMWu7rQYlBQcBiT6rprG8aIcrl35sh:4TvC/MTQYxsWR7aIc5Js

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7.exe

Resource

win7-20240221-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7.exe

Resource

win10v2004-20240221-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7
- Size
  
  1.6MB
- MD5
  
  c1593185065ee09700c89d8c4d12e170
- SHA1
  
  29f47d63fda09f396fb0d2583b9ed687601ad207
- SHA256
  
  23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7
- SHA512
  
  9105d70c84c8f5755b8328fa19e5d91cf82c218ca3ee3e94f9c3011e748939c392361294e02509a763a9fd482e35f297f49cca1cca69821187b69f2ca027c174
- SSDEEP
  
  24576:4qDEvCTbMWu7rQYlBQcBiT6rprG8aIcrl35sh:4TvC/MTQYxsWR7aIc5Js
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratkeyloggerratspywarestealertrojan

© 2018-2025

Terms | Privacy