agenttesla | fdae95c7df81f23913df0f516015d1b02c3bd3651fb927921e597b67f578e20a | Triage

Submit
Reports

Overview

overview

Static

static

3

fdae95c7df...0a.exe

windows7-x64

1

fdae95c7df...0a.exe

windows10-2004-x64

Sharing

General

Target

fdae95c7df81f23913df0f516015d1b02c3bd3651fb927921e597b67f578e20a
Size

993KB
Sample

240425-dayvesec41
MD5

15f4d38208a21d8bacbecacf5176fcae
SHA1

ff03cb8db2907b77094f3a91093c5b69fb63fc3a
SHA256

fdae95c7df81f23913df0f516015d1b02c3bd3651fb927921e597b67f578e20a
SHA512

a1bcf7a865920bc318c705bdce505261498bda6e37fd782beccd03e4c7bf6e0dd7197d2c533233380ed52750ee9f2175ee93ef37d017e6533411f04df605596d
SSDEEP

24576:80rxR8wkw+HIf8V7cLFX+8Wi5lUYCIeSrXKjIlimGec+p:8+8wkw+HIf8BcLFX+DiiIe8XKEIm9x

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fdae95c7df81f23913df0f516015d1b02c3bd3651fb927921e597b67f578e20a.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

fdae95c7df81f23913df0f516015d1b02c3bd3651fb927921e597b67f578e20a.exe

Resource

win10v2004-20240226-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.normagroup.com.tr
Port:
21
Username:
[email protected]
Password:
Bossu_56@@12345@_

Targets

- Target
  
  fdae95c7df81f23913df0f516015d1b02c3bd3651fb927921e597b67f578e20a
- Size
  
  993KB
- MD5
  
  15f4d38208a21d8bacbecacf5176fcae
- SHA1
  
  ff03cb8db2907b77094f3a91093c5b69fb63fc3a
- SHA256
  
  fdae95c7df81f23913df0f516015d1b02c3bd3651fb927921e597b67f578e20a
- SHA512
  
  a1bcf7a865920bc318c705bdce505261498bda6e37fd782beccd03e4c7bf6e0dd7197d2c533233380ed52750ee9f2175ee93ef37d017e6533411f04df605596d
- SSDEEP
  
  24576:80rxR8wkw+HIf8V7cLFX+8Wi5lUYCIeSrXKjIlimGec+p:8+8wkw+HIf8BcLFX+DiiIe8XKEIm9x
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy