agenttesla | 4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0 | Triage

Submit
Reports

Overview

overview

Static

static

5

4b034a6816...b0.exe

windows7-x64

4b034a6816...b0.exe

windows10-2004-x64

Sharing

General

Target

4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0
Size

1.0MB
Sample

240426-bkbfrsgg66
MD5

71a20552e882e95d0ee1260cf50a9e8a
SHA1

2a142b7a20e96750d258093a9660e0fe01ffdcd0
SHA256

4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0
SHA512

0d75ad9c0bc39533388cf410221513a8c8afed5269f1dade0afd61f6d363a8986ad26eec60523552b833d8c39dc8399d0abc7f00d359a7422810edf3286e97f1
SSDEEP

24576:NAHnh+eWsN3skA4RV1Hom2KXMmHaORLMyNHL9n5:sh+ZkldoPK8YaOBMYL

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0.exe

Resource

win7-20231129-en

agenttesla keylogger spyware stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0.exe

Resource

win10v2004-20240412-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.itzayanaland.com
Port:
587
Username:
[email protected]
Password:
Vxha5,yybO%M ---
Email To:
[email protected]

Targets

- Target
  
  4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0
- Size
  
  1.0MB
- MD5
  
  71a20552e882e95d0ee1260cf50a9e8a
- SHA1
  
  2a142b7a20e96750d258093a9660e0fe01ffdcd0
- SHA256
  
  4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0
- SHA512
  
  0d75ad9c0bc39533388cf410221513a8c8afed5269f1dade0afd61f6d363a8986ad26eec60523552b833d8c39dc8399d0abc7f00d359a7422810edf3286e97f1
- SSDEEP
  
  24576:NAHnh+eWsN3skA4RV1Hom2KXMmHaORLMyNHL9n5:sh+ZkldoPK8YaOBMYL
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy