agenttesla | b3e0a37ca6360fd82823105dc934c80c3b2d5e405af9d3fd0bb27b2a96f6c9de | Triage

Submit
Reports

Overview

overview

Static

static

5

d202f0b84b...25.exe

windows7-x64

d202f0b84b...25.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

d5f853358e53cae39dba60601507842c.bin
Size

761KB
Sample

240313-d3vngabg8x
MD5

c424b5d6c94779dfec136299c1e8a7c0
SHA1

4187bdd03a1e15f90b65b17a1651c799cae56fe0
SHA256

b3e0a37ca6360fd82823105dc934c80c3b2d5e405af9d3fd0bb27b2a96f6c9de
SHA512

d25be4e5730d7ef6be95f66c11b6ac3c29b8ccc27e74faa82736038f0e5da008fd25acaba1995f523347176f8b9e9521cffae638375790850f528a5bf7c0e28e
SSDEEP

12288:0Y5lbsB9TA3pDdTkQrOnwDz+bwZGWr+3RYJGG+diULk5krlhy3GTmpwjnowgiK+N:0Y3s9s3pDuQyn+z+bwYWr+h9xdiULOG7

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

d202f0b84b0e2a15c1c90284d0286b8b497e245e6b083e7b98294e1227d52925.exe

Resource

win7-20240221-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

d202f0b84b0e2a15c1c90284d0286b8b497e245e6b083e7b98294e1227d52925.exe

Resource

win10v2004-20240226-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  d202f0b84b0e2a15c1c90284d0286b8b497e245e6b083e7b98294e1227d52925.exe
- Size
  
  1.2MB
- MD5
  
  d5f853358e53cae39dba60601507842c
- SHA1
  
  c76532dba79ec69659b4cdb8adddbc8417662d76
- SHA256
  
  d202f0b84b0e2a15c1c90284d0286b8b497e245e6b083e7b98294e1227d52925
- SHA512
  
  04d13c04ee6a88b10ca0fe7d08fe8e0114b2c20aa792cd238830d1971ef3488df0a51821d077cc491b1b99a86f9f726512c1c449c07aacb96c9bb4e03e129f1e
- SSDEEP
  
  24576:UAHnh+eWsN3skA4RV1Hom2KXMmHaedfN2ffZ/socXiFi5:jh+ZkldoPK8Yaed1mZ/socSK
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratkeyloggerratspywarestealertrojan

© 2018-2025

Terms | Privacy