agenttesla | 02556219aeb4a8190af7483698602a3cbd1acfbb7c4204b9c363ae8b2bfabc4f | Triage

Submit
Reports

Overview

overview

Static

static

7

02556219ae...4f.exe

windows7-x64

02556219ae...4f.exe

windows10-2004-x64

Sharing

General

Target

02556219aeb4a8190af7483698602a3cbd1acfbb7c4204b9c363ae8b2bfabc4f
Size

689KB
Sample

240506-bgl34aeh55
MD5

f788cef662fc40497cf24927895583c1
SHA1

41becdb5cce68747892b5056117c97d00cf321c1
SHA256

02556219aeb4a8190af7483698602a3cbd1acfbb7c4204b9c363ae8b2bfabc4f
SHA512

8f987d7b1b234ca10bc2873dd81609026915a02359b32db08ff7b518b5e752db0c96748f76395e934e4cc692d75fd18e301778c52d48c1a204ff55b560a5789f
SSDEEP

12288:ZsHzOUNUSB/o5LsI1uwajJ5yvv1l2J1OqE4xNS77eWpafibNk:AiUmSB/o5d1ubcvC3JzS7RqibNk

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

02556219aeb4a8190af7483698602a3cbd1acfbb7c4204b9c363ae8b2bfabc4f.exe

Resource

win7-20240221-en

agenttesla zgrat keylogger rat spyware stealer trojan upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

02556219aeb4a8190af7483698602a3cbd1acfbb7c4204b9c363ae8b2bfabc4f.exe

Resource

win10v2004-20240419-en

agenttesla zgrat keylogger rat spyware stealer trojan upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  02556219aeb4a8190af7483698602a3cbd1acfbb7c4204b9c363ae8b2bfabc4f
- Size
  
  689KB
- MD5
  
  f788cef662fc40497cf24927895583c1
- SHA1
  
  41becdb5cce68747892b5056117c97d00cf321c1
- SHA256
  
  02556219aeb4a8190af7483698602a3cbd1acfbb7c4204b9c363ae8b2bfabc4f
- SHA512
  
  8f987d7b1b234ca10bc2873dd81609026915a02359b32db08ff7b518b5e752db0c96748f76395e934e4cc692d75fd18e301778c52d48c1a204ff55b560a5789f
- SSDEEP
  
  12288:ZsHzOUNUSB/o5LsI1uwajJ5yvv1l2J1OqE4xNS77eWpafibNk:AiUmSB/o5d1ubcvC3JzS7RqibNk
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan upx
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojanupx

behavioral2

agentteslazgratkeyloggerratspywarestealertrojanupx

© 2018-2025

Terms | Privacy