agenttesla | 27641498d9b498595cd6a181370f81b1e3b64d7155ff95f012babf362b60b4e2 | Triage

Submit
Reports

Overview

overview

Static

static

7

1b3a73040e...d3.exe

windows7-x64

1b3a73040e...d3.exe

windows10-2004-x64

Sharing

General

Target

1b3a73040e35a4aad3694d3d036446d3.bin
Size

2.8MB
Sample

240327-bqh3ssbh4s
MD5

1b3a73040e35a4aad3694d3d036446d3
SHA1

9f64debc8f7fe6ffd922073da0f4ed54139ad9c8
SHA256

27641498d9b498595cd6a181370f81b1e3b64d7155ff95f012babf362b60b4e2
SHA512

f9e3276149ec2e2084b69464002c3c58d519bd32ac3f012f92cdb310af24a597e69e079d1ccc573437f52ef0ab35b07884316b91f7013060e5695964f14a1fd3
SSDEEP

49152:ZIMqVJqJIXxNjdCHoE0exs/fV4BgZ/A/M0rIV2yyX/Nn:Z3PIGoy/BgZ/OR80ySn

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1b3a73040e35a4aad3694d3d036446d3.exe

Resource

win7-20240221-en

agenttesla keylogger spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b3a73040e35a4aad3694d3d036446d3.exe

Resource

win10v2004-20240226-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  1b3a73040e35a4aad3694d3d036446d3.bin
- Size
  
  2.8MB
- MD5
  
  1b3a73040e35a4aad3694d3d036446d3
- SHA1
  
  9f64debc8f7fe6ffd922073da0f4ed54139ad9c8
- SHA256
  
  27641498d9b498595cd6a181370f81b1e3b64d7155ff95f012babf362b60b4e2
- SHA512
  
  f9e3276149ec2e2084b69464002c3c58d519bd32ac3f012f92cdb310af24a597e69e079d1ccc573437f52ef0ab35b07884316b91f7013060e5695964f14a1fd3
- SSDEEP
  
  49152:ZIMqVJqJIXxNjdCHoE0exs/fV4BgZ/A/M0rIV2yyX/Nn:Z3PIGoy/BgZ/OR80ySn
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy