agenttesla | 9acb9f4966952d4ed42b022571a42309b73921609702e027fd7bd23e1cafb35a | Triage

Submit
Reports

Overview

overview

Static

static

1

XWorm-V5.3

windows7-x64

3

XWorm-V5.3

windows10-2004-x64

Sharing

General

Target

XWorm-V5.3
Size

251KB
Sample

240501-l16xqacc7s
MD5

e2bfd8153db53876cec297cb5bdd9795
SHA1

d1d01aa7bfb357dec83669268607f2667b54d0de
SHA256

9acb9f4966952d4ed42b022571a42309b73921609702e027fd7bd23e1cafb35a
SHA512

e15268dd73cb26c8c6359f3fc4d834a455d9f42865c001d8bc9b264257d24d1118b5f50066e51a948cdf3e83fa0bc9109f1ad1a77a0a92b0ca04c40cf733ccbc
SSDEEP

6144:jtQhY2n9ddKM2vkm0aWyRv37P9lvZJT3CqbMrhryfQNRPaCieMjAkvCJv1Vi0ZTY:hQhY2n9ddKM2vkm0aWyRv3z9lvZJT3Ck

Score

10^/10

agenttesla agilenet keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

XWorm-V5.3

Resource

win7-20240220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

XWorm-V5.3

Resource

win10v2004-20240419-en

agenttesla agilenet keylogger spyware stealer trojan

windows10-2004-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  XWorm-V5.3
- Size
  
  251KB
- MD5
  
  e2bfd8153db53876cec297cb5bdd9795
- SHA1
  
  d1d01aa7bfb357dec83669268607f2667b54d0de
- SHA256
  
  9acb9f4966952d4ed42b022571a42309b73921609702e027fd7bd23e1cafb35a
- SHA512
  
  e15268dd73cb26c8c6359f3fc4d834a455d9f42865c001d8bc9b264257d24d1118b5f50066e51a948cdf3e83fa0bc9109f1ad1a77a0a92b0ca04c40cf733ccbc
- SSDEEP
  
  6144:jtQhY2n9ddKM2vkm0aWyRv37P9lvZJT3CqbMrhryfQNRPaCieMjAkvCJv1Vi0ZTY:hQhY2n9ddKM2vkm0aWyRv3z9lvZJT3Ck
Score

10^/10

agenttesla agilenet keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

agentteslaagilenetkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy