agenttesla | 25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0 | Triage

Submit
Reports

Overview

overview

Static

static

5

25446c2c54...b0.exe

windows7-x64

25446c2c54...b0.exe

windows10-2004-x64

Sharing

General

Target

25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0
Size

1.0MB
Sample

240424-ca4v1aea3x
MD5

92f1af3126899c911f5d1b3d41a94b21
SHA1

87ad0d4efc6ac814527fbbec8aecc34a29696a19
SHA256

25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0
SHA512

1d553e793aafb1d463c203c25f92b0604468a142bce204df5193f661f29312498c393591f0929efef3e3169287f2bd8d1f509eb94e9f846f6f349ae5f37805e9
SSDEEP

24576:DAHnh+eWsN3skA4RV1Hom2KXMmHakW+BIUQUlCyW5:Oh+ZkldoPK8YakW0IUQUcD

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0.exe

Resource

win7-20240221-en

agenttesla keylogger spyware stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0.exe

Resource

win10v2004-20240412-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
webmail.empowerfiresafe.com
Port:
587
Username:
[email protected]
Password:
Jayapradha123@#$
Email To:
[email protected]

Targets

- Target
  
  25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0
- Size
  
  1.0MB
- MD5
  
  92f1af3126899c911f5d1b3d41a94b21
- SHA1
  
  87ad0d4efc6ac814527fbbec8aecc34a29696a19
- SHA256
  
  25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0
- SHA512
  
  1d553e793aafb1d463c203c25f92b0604468a142bce204df5193f661f29312498c393591f0929efef3e3169287f2bd8d1f509eb94e9f846f6f349ae5f37805e9
- SSDEEP
  
  24576:DAHnh+eWsN3skA4RV1Hom2KXMmHakW+BIUQUlCyW5:Oh+ZkldoPK8YakW0IUQUcD
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy