agenttesla | 8fb239b0d4f35af1c3bd27a2b0934deb7e1c6dff1fcc56aa9023677f2a9993f3 | Triage

Submit
Reports

Overview

overview

Static

static

1

8fb239b0d4...f3.exe

windows7-x64

8fb239b0d4...f3.exe

windows10-2004-x64

Sharing

General

Target

8fb239b0d4f35af1c3bd27a2b0934deb7e1c6dff1fcc56aa9023677f2a9993f3
Size

1.1MB
Sample

240508-bqjpbsde45
MD5

06388533c682f59188cf1ffbcdccf2b8
SHA1

07e292076b3864e15ff5f59e8c5716aa1526eba3
SHA256

8fb239b0d4f35af1c3bd27a2b0934deb7e1c6dff1fcc56aa9023677f2a9993f3
SHA512

66af30850a245b50ffaba98a2669129fe7a232a6fb20020b4ca6ec58a1d2024baeeabdab8d8cf64051095907509413be9ceffcea2803a77c8ac8636c65cada13
SSDEEP

12288:GaHTg/Ewz5XzyNLcHu/nweVaeX2JzgskkNJckI1PHS0uBnY+ayxdyY2FCe5:UyNAOfweAPvrJI6GyxdyYg9

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

8fb239b0d4f35af1c3bd27a2b0934deb7e1c6dff1fcc56aa9023677f2a9993f3.exe

Resource

win7-20240419-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

8fb239b0d4f35af1c3bd27a2b0934deb7e1c6dff1fcc56aa9023677f2a9993f3.exe

Resource

win10v2004-20240419-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
gator3220.hostgator.com
Port:
587
Username:
[email protected]
Password:
28#75@ts76&&p!!@P
Email To:
[email protected]

Targets

- Target
  
  8fb239b0d4f35af1c3bd27a2b0934deb7e1c6dff1fcc56aa9023677f2a9993f3
- Size
  
  1.1MB
- MD5
  
  06388533c682f59188cf1ffbcdccf2b8
- SHA1
  
  07e292076b3864e15ff5f59e8c5716aa1526eba3
- SHA256
  
  8fb239b0d4f35af1c3bd27a2b0934deb7e1c6dff1fcc56aa9023677f2a9993f3
- SHA512
  
  66af30850a245b50ffaba98a2669129fe7a232a6fb20020b4ca6ec58a1d2024baeeabdab8d8cf64051095907509413be9ceffcea2803a77c8ac8636c65cada13
- SSDEEP
  
  12288:GaHTg/Ewz5XzyNLcHu/nweVaeX2JzgskkNJckI1PHS0uBnY+ayxdyY2FCe5:UyNAOfweAPvrJI6GyxdyYg9
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratkeyloggerratspywarestealertrojan

© 2018-2025

Terms | Privacy