agenttesla | 8469aab5df746e3e9d2091b6b062cd8611a98407f3012d0624fce975fe556886 | Triage

Submit
Reports

Overview

overview

Static

static

5

GGGGjjKKK.exe

windows7-x64

GGGGjjKKK.exe

windows10-2004-x64

Sharing

General

Target

8469aab5df746e3e9d2091b6b062cd8611a98407f3012d0624fce975fe556886
Size

739KB
Sample

240507-bpjypsbh8v
MD5

65903b455e65062946ee87ca2b77d649
SHA1

a786edc9f739894fbea377002a496c61483a3b13
SHA256

8469aab5df746e3e9d2091b6b062cd8611a98407f3012d0624fce975fe556886
SHA512

ccac40df7c176291e6e7d3ec35b0d424272129c3f863ce471f529466393b1be4f7862e7efc1fa8acac0b76872291a4e8c26f98b2b7d8b8d42a4efa49ca1293a6
SSDEEP

12288:dctKvfHEBuJK9pPCS/bwmqim3AuTCFiozapf9WKMgiA0V4R/R8pN:dEEfkBhCSnqTTou9v3gN

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

GGGGjjKKK.exe

Resource

win7-20240221-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

GGGGjjKKK.exe

Resource

win10v2004-20240419-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  GGGGjjKKK.exe
- Size
  
  1.2MB
- MD5
  
  5ce6009af93a6907681096fca30dcc4d
- SHA1
  
  ea618a9dd5ba84c57d5331fce0b7893ccb465f79
- SHA256
  
  b0b3c197a59b4681378807bdf94de6bcd947b05041ed0cc3eaf04abd25a3dc5c
- SHA512
  
  5b11f839a11148aca8b5d72d9fc8455a3ecbc678d6429260ef45f2e561cd50af46a76216af4fd1cad1d5c8fa39eb847b5349b15e72a1a775b6a487d2373c8aef
- SSDEEP
  
  24576:TqDEvCTbMWu7rQYlBQcBiT6rprG8ayo13UN5:TTvC/MTQYxsWR7ayo13U
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratkeyloggerratspywarestealertrojan

© 2018-2025

Terms | Privacy