agenttesla | 73d25bac1fe03ff4d8c114c49b62154ef651607f3c8398a9cbdab38d70791b61 | Triage

Submit
Reports

Overview

overview

Static

static

5

73d25bac1f...61.exe

windows7-x64

73d25bac1f...61.exe

windows10-2004-x64

Sharing

General

Target

73d25bac1fe03ff4d8c114c49b62154ef651607f3c8398a9cbdab38d70791b61
Size

1.3MB
Sample

240425-dytklsef7t
MD5

e0d619ab78f91ae4c6f01841f903a2a1
SHA1

737b05b2e06af2f6b45a346b4f13f79f95d8e056
SHA256

73d25bac1fe03ff4d8c114c49b62154ef651607f3c8398a9cbdab38d70791b61
SHA512

8e948f9a6ddf457b0bdc44b0bb2939786379ad9c65dbc1256a5681c67837704833ba2cd298dc3d3ffb8e9a29340e01fad2821b8d15901c501458476b9119d855
SSDEEP

24576:YAHnh+eWsN3skA4RV1Hom2KXMmHaiUrV3dfyvoIvyh5:fh+ZkldoPK8YaiUpb08

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

73d25bac1fe03ff4d8c114c49b62154ef651607f3c8398a9cbdab38d70791b61.exe

Resource

win7-20240221-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

73d25bac1fe03ff4d8c114c49b62154ef651607f3c8398a9cbdab38d70791b61.exe

Resource

win10v2004-20240412-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  73d25bac1fe03ff4d8c114c49b62154ef651607f3c8398a9cbdab38d70791b61
- Size
  
  1.3MB
- MD5
  
  e0d619ab78f91ae4c6f01841f903a2a1
- SHA1
  
  737b05b2e06af2f6b45a346b4f13f79f95d8e056
- SHA256
  
  73d25bac1fe03ff4d8c114c49b62154ef651607f3c8398a9cbdab38d70791b61
- SHA512
  
  8e948f9a6ddf457b0bdc44b0bb2939786379ad9c65dbc1256a5681c67837704833ba2cd298dc3d3ffb8e9a29340e01fad2821b8d15901c501458476b9119d855
- SSDEEP
  
  24576:YAHnh+eWsN3skA4RV1Hom2KXMmHaiUrV3dfyvoIvyh5:fh+ZkldoPK8YaiUpb08
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratkeyloggerratspywarestealertrojan

© 2018-2024

Terms | Privacy