agenttesla | 1ec8dfd127970aeaa735e42a7484f1329f44953db3c9e52121c778f197157c72 | Triage

Submit
Reports

Overview

overview

Static

static

3

SWIFT-jpeg.exe

windows7-x64

SWIFT-jpeg.exe

windows10-2004-x64

Sharing

General

Target

SWIFT-jpeg.exe
Size

656KB
Sample

240429-hh292acg95
MD5

f8f55fec50b970cf9d512022419fce4a
SHA1

9924d38ba3d75aed0b63e51e9b6665cef6b7df28
SHA256

1ec8dfd127970aeaa735e42a7484f1329f44953db3c9e52121c778f197157c72
SHA512

420e7e521588c61abd809668386b7f2076938d5f8788d3681a6d920c64b7924d3fdbc04dea12327587238417fbd2665fedc0cf2bb73ce07185e0135bcbbb4f1e
SSDEEP

12288:AIDB778QDphlsvkrC/nak1R0GkBSP6ct0g1eTx2UZegXcdF53:DDBLDC/P0GtP6qeTrEgXI53

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SWIFT-jpeg.exe

Resource

win7-20240215-en

agenttesla keylogger spyware stealer trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

SWIFT-jpeg.exe

Resource

win10v2004-20240419-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.armos.ro
Port:
587
Username:
[email protected]
Password:
NFVFAmBj
Email To:
[email protected]

Targets

- Target
  
  SWIFT-jpeg.exe
- Size
  
  656KB
- MD5
  
  f8f55fec50b970cf9d512022419fce4a
- SHA1
  
  9924d38ba3d75aed0b63e51e9b6665cef6b7df28
- SHA256
  
  1ec8dfd127970aeaa735e42a7484f1329f44953db3c9e52121c778f197157c72
- SHA512
  
  420e7e521588c61abd809668386b7f2076938d5f8788d3681a6d920c64b7924d3fdbc04dea12327587238417fbd2665fedc0cf2bb73ce07185e0135bcbbb4f1e
- SSDEEP
  
  12288:AIDB778QDphlsvkrC/nak1R0GkBSP6ct0g1eTx2UZegXcdF53:DDBLDC/P0GtP6qeTrEgXI53
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy