agenttesla | cd244ca9c1a284a8e9ea743bd516d93862b797465dad6dad5e28efe8d74ac372 | Triage

Submit
Reports

Overview

overview

Static

static

5

cd244ca9c1...72.exe

windows7-x64

cd244ca9c1...72.exe

windows10-2004-x64

Sharing

General

Target

cd244ca9c1a284a8e9ea743bd516d93862b797465dad6dad5e28efe8d74ac372
Size

1.2MB
Sample

240509-bht54acd69
MD5

e1098f13419f159b381bb0e618ac2b7a
SHA1

536dd41423d37a6821f57ddc983abbc25684161f
SHA256

cd244ca9c1a284a8e9ea743bd516d93862b797465dad6dad5e28efe8d74ac372
SHA512

ee34ff5006ebf9a6d5eb1c0b3addc9a79bdb91345f6002e7208dc57cb5dfad4e7ddbd05d9aa82399dcecc6271992eebb5830b3788f4ff5787a01d5e784347dbf
SSDEEP

24576:bqDEvCTbMWu7rQYlBQcBiT6rprG8a0jCuHtVr988:bTvC/MTQYxsWR7a0mOVh8

Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

cd244ca9c1a284a8e9ea743bd516d93862b797465dad6dad5e28efe8d74ac372.exe

Resource

win7-20240221-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

cd244ca9c1a284a8e9ea743bd516d93862b797465dad6dad5e28efe8d74ac372.exe

Resource

win10v2004-20240508-en

agenttesla zgrat keylogger rat spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  cd244ca9c1a284a8e9ea743bd516d93862b797465dad6dad5e28efe8d74ac372
- Size
  
  1.2MB
- MD5
  
  e1098f13419f159b381bb0e618ac2b7a
- SHA1
  
  536dd41423d37a6821f57ddc983abbc25684161f
- SHA256
  
  cd244ca9c1a284a8e9ea743bd516d93862b797465dad6dad5e28efe8d74ac372
- SHA512
  
  ee34ff5006ebf9a6d5eb1c0b3addc9a79bdb91345f6002e7208dc57cb5dfad4e7ddbd05d9aa82399dcecc6271992eebb5830b3788f4ff5787a01d5e784347dbf
- SSDEEP
  
  24576:bqDEvCTbMWu7rQYlBQcBiT6rprG8a0jCuHtVr988:bTvC/MTQYxsWR7a0mOVh8
Score

10^/10

agenttesla zgrat keylogger rat spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslazgratkeyloggerratspywarestealertrojan

behavioral2

agentteslazgratkeyloggerratspywarestealertrojan

© 2018-2025

Terms | Privacy