agenttesla | 53eeff9f4fa0473d90cf4abe978ff60d5898d2527924a593ef877303cab88a5b | Triage

Submit
Reports

Overview

overview

Static

static

3

Byte Guard Free.exe

windows10-2004-x64

Sharing

General

Target

Byte Guard Free.exe
Size

2.4MB
Sample

240521-1mdrcabd8z
MD5

32eee970bec927fd068197918edac5a4
SHA1

8aa4820931aa228856f12fc516f886dab4d12e28
SHA256

53eeff9f4fa0473d90cf4abe978ff60d5898d2527924a593ef877303cab88a5b
SHA512

d47d2fbc9d4b9a47d0b5b1076aaa89b20ba72a9625e9fcfd57f000bc14abc11aff60123667bbb6998fa5bdff65b7207f410cc6008207fc2362db1d99c80afbe8
SSDEEP

49152:3Ls8e8SkGMITYbNbNWo4kSH3OqtwI2MrBm6w30IfRaRf:3PecGMIT4bNJFY3OqtxdmDDJef

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Byte Guard Free.exe

Resource

win10v2004-20240508-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

13 signatures

600 seconds

Malware Config

Targets

- Target
  
  Byte Guard Free.exe
- Size
  
  2.4MB
- MD5
  
  32eee970bec927fd068197918edac5a4
- SHA1
  
  8aa4820931aa228856f12fc516f886dab4d12e28
- SHA256
  
  53eeff9f4fa0473d90cf4abe978ff60d5898d2527924a593ef877303cab88a5b
- SHA512
  
  d47d2fbc9d4b9a47d0b5b1076aaa89b20ba72a9625e9fcfd57f000bc14abc11aff60123667bbb6998fa5bdff65b7207f410cc6008207fc2362db1d99c80afbe8
- SSDEEP
  
  49152:3Ls8e8SkGMITYbNbNWo4kSH3OqtwI2MrBm6w30IfRaRf:3PecGMIT4bNJFY3OqtxdmDDJef
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy