agenttesla | 06cbb214e44791a90b28dc4df31057d48c7ec87a0ed3567cdcd8b7dd0da8625d | Triage

Submit
Reports

Overview

overview

Static

static

5

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

General

Target

tmp.bin
Size

1.3MB
Sample

240424-cx3apaec3s
MD5

f5f8fafcfec35eae5610bceebcdac898
SHA1

8dc1e3d6066a0694d6a97662772dd67b7ce1442e
SHA256

06cbb214e44791a90b28dc4df31057d48c7ec87a0ed3567cdcd8b7dd0da8625d
SHA512

f3ddb08fc2893f5d5372b990ed43d7076a51b8245c87a438763ffe39a39cb100190e91e812e78ad48cce6fa4de5293e278d3cff4007521aee94d718fd3c709d3
SSDEEP

24576:hAHnh+eWsN3skA4RV1Hom2KXMmHaLli8dqKGDGDpA5:4h+ZkldoPK8YaLjddGB

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20240221-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20240226-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  tmp.bin
- Size
  
  1.3MB
- MD5
  
  f5f8fafcfec35eae5610bceebcdac898
- SHA1
  
  8dc1e3d6066a0694d6a97662772dd67b7ce1442e
- SHA256
  
  06cbb214e44791a90b28dc4df31057d48c7ec87a0ed3567cdcd8b7dd0da8625d
- SHA512
  
  f3ddb08fc2893f5d5372b990ed43d7076a51b8245c87a438763ffe39a39cb100190e91e812e78ad48cce6fa4de5293e278d3cff4007521aee94d718fd3c709d3
- SSDEEP
  
  24576:hAHnh+eWsN3skA4RV1Hom2KXMmHaLli8dqKGDGDpA5:4h+ZkldoPK8YaLjddGB
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratkeyloggerratspywarestealertrojan

© 2018-2024

Terms | Privacy