agenttesla | c6c31ce35e7270c349dec90b7fe15290f0a9bbf413883f61d27841a7158e0c15 | Triage

Submit
Reports

Overview

overview

Static

static

3

c6c31ce35e...15.exe

windows7-x64

c6c31ce35e...15.exe

windows10-2004-x64

Sharing

General

Target

c6c31ce35e7270c349dec90b7fe15290f0a9bbf413883f61d27841a7158e0c15
Size

121KB
Sample

240315-bg171sch2z
MD5

9e36d6ac7a12934fb7c600440b636791
SHA1

0b28eddd79a56c5853e28e0474dfe672354f145b
SHA256

c6c31ce35e7270c349dec90b7fe15290f0a9bbf413883f61d27841a7158e0c15
SHA512

efb804202f35c5810e31a940cc60857d691ebcdc1c7a1df323bf028fb150211fb9b4125181283a956b3a1bc095c737145e3ff64baafd4daabf5033fceb6b96d0
SSDEEP

3072:r3ViQKDg83EYB61Rkf2CXosVp9ggFHlPy736SY6mripUqVu:r3qU83l6zS2MX6gFFy7Lm+

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c6c31ce35e7270c349dec90b7fe15290f0a9bbf413883f61d27841a7158e0c15.exe

Resource

win7-20240220-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c6c31ce35e7270c349dec90b7fe15290f0a9bbf413883f61d27841a7158e0c15.exe

Resource

win10v2004-20240226-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

C2

https://discord.com/api/webhooks/1217315513764679760/qp0dpgsN2rfNijoHbj92f7XdY-npVNaa0ZG5zrWuOAdp7LGYuJpjsU1F0vo_iasZWumw

Targets

- Target
  
  c6c31ce35e7270c349dec90b7fe15290f0a9bbf413883f61d27841a7158e0c15
- Size
  
  121KB
- MD5
  
  9e36d6ac7a12934fb7c600440b636791
- SHA1
  
  0b28eddd79a56c5853e28e0474dfe672354f145b
- SHA256
  
  c6c31ce35e7270c349dec90b7fe15290f0a9bbf413883f61d27841a7158e0c15
- SHA512
  
  efb804202f35c5810e31a940cc60857d691ebcdc1c7a1df323bf028fb150211fb9b4125181283a956b3a1bc095c737145e3ff64baafd4daabf5033fceb6b96d0
- SSDEEP
  
  3072:r3ViQKDg83EYB61Rkf2CXosVp9ggFHlPy736SY6mripUqVu:r3qU83l6zS2MX6gFFy7Lm+
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy