agenttesla | 16d6085b1b3c7d608b5cff2b87f853ac50455743b36271e63194461653b75374 | Triage

Submit
Reports

Overview

overview

Static

static

5

7ae3eb9667...6a.exe

windows7-x64

7ae3eb9667...6a.exe

windows10-2004-x64

Sharing

General

Target

16d6085b1b3c7d608b5cff2b87f853ac50455743b36271e63194461653b75374
Size

612KB
Sample

240511-hkwj9sec38
MD5

e98577d8d9e6ebf55976c2bb5d92a2d7
SHA1

11b44537bfeb378a8c53bc2c9c845ad2d50f4176
SHA256

16d6085b1b3c7d608b5cff2b87f853ac50455743b36271e63194461653b75374
SHA512

d71ccc1a3935675e1e6e87ca814b48a3cd9735edb0f244de444909c446491cc4cfd86a65cf92422792e69b7b93e60c071232f852c0bd926418ccf4ec7a027cd7
SSDEEP

12288:BuRa4Se3lkZhR84ZM+FWWpeKvMOP7moNKQ9e+b6snDILOzzbs0NPU:ofSeiS4ZMwWWpZFPqS19eADT46U

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7ae3eb9667598b99d881f909bb088454b9b445b1eaa0339491fe819c0bd66f6a.exe

Resource

win7-20240508-en

agenttesla keylogger spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

7ae3eb9667598b99d881f909bb088454b9b445b1eaa0339491fe819c0bd66f6a.exe

Resource

win10v2004-20240508-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.oasisvviss.com
Port:
587
Username:
[email protected]
Password:
!BEaPOL7

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.oasisvviss.com
Port:
587
Username:
[email protected]
Password:
!BEaPOL7
Email To:
[email protected]

Targets

- Target
  
  7ae3eb9667598b99d881f909bb088454b9b445b1eaa0339491fe819c0bd66f6a.exe
- Size
  
  1.0MB
- MD5
  
  ec464b21a34272867fe025654c86ac27
- SHA1
  
  83e97301902aba916b74f8d7716b67eabd093132
- SHA256
  
  7ae3eb9667598b99d881f909bb088454b9b445b1eaa0339491fe819c0bd66f6a
- SHA512
  
  1a0d1d343a2654928f4cd5ec8c512626a801c3c61459840707e5fe590fd47f7bfaf7f3871d31fd654e4e9a3431cbfb2c3610373bd095619926fda5823889026a
- SSDEEP
  
  24576:PAHnh+eWsN3skA4RV1Hom2KXMmHaPfl1VwuRlBqA/T5:yh+ZkldoPK8YaPtzwYH
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy