agenttesla | 7d3c49b95c71514ce8885851899689c3043a0aac72408cf1642765100c1c407f | Triage

Submit
Reports

Overview

overview

Static

static

5

ΤΙΜΟΛ...4 .exe

windows7-x64

ΤΙΜΟΛ...4 .exe

windows10-2004-x64

Sharing

General

Target

a1f394fdfc8f591f57b8eee005596a503ca2a7b9.zip.tar.gz
Size

682KB
Sample

240326-mle15aba7y
MD5

491954811f203c76db715635a7303891
SHA1

7da7f2d37dff392cc45a0fdea4948f224df1526d
SHA256

7d3c49b95c71514ce8885851899689c3043a0aac72408cf1642765100c1c407f
SHA512

1396faed6ba62a5e43dcc967bf2a580749285dda56ae57c86394851d07bcf5de6e62a34fdbed30ef94aa842ddddfcc5c6ffaf3205a78db95b90a126345871040
SSDEEP

12288:nlhzwLoysdYh96NNRtjfknnJJpB284tEyDii/5Y4C9oW+xEJ7SLAtSvLcC5Ft:nlhksy9U77QJWieSR+eXtSvLcC5T

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ΤΙΜΟΛΟΓΙΟ_FEB-888201-2024 00594 .exe

Resource

win7-20240221-en

agenttesla keylogger spyware stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ΤΙΜΟΛΟΓΙΟ_FEB-888201-2024 00594 .exe

Resource

win10v2004-20240226-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
bezelety.top
Port:
587
Username:
[email protected]
Password:
IxF(..bSed6k
Email To:
[email protected]

Targets

- Target
  
  ΤΙΜΟΛΟΓΙΟ_FEB-888201-2024 00594 .exe
- Size
  
  1.1MB
- MD5
  
  223a09cb11e9123590ee2e708063cbed
- SHA1
  
  bf91ff4d371bfb25ea07a021afe4765f489b0568
- SHA256
  
  3628d562c329c8c628bfef6ac60b22b09b9154d5cd76f6769bf45fdd1ec617b7
- SHA512
  
  95196e20ca6b4c49131e06780598eac4a530925db2e2e6dcaedb9b713a03296e01a062c0ab9902fc88f0808a425514cff235a34ba97e4a26376d9975dc08f5e0
- SSDEEP
  
  24576:0qDEvCTbMWu7rQYlBQcBiT6rprG8aAeRFeNdc:0TvC/MTQYxsWR7aAeRFe3
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy