agenttesla | 747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d | Triage

Submit
Reports

Overview

overview

Static

static

5

747e2616e2...7d.exe

windows7-x64

747e2616e2...7d.exe

windows10-2004-x64

Sharing

General

Target

747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d
Size

1.2MB
Sample

240522-ct3r2shc72
MD5

45a16a0b082e9b7a39c3c9e89a7f50b4
SHA1

04c468ecc20e99e63b8defff04a953e640570ba4
SHA256

747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d
SHA512

4204ae993ed74034bc999e4049880e492d463bfc0c915d0bee6fa550fe3d354e27bf5a59411ccdb99d21f36edfee232e7d4138bd0229fa37edeba70619628240
SSDEEP

24576:BAHnh+eWsN3skA4RV1Hom2KXMmHa+gMrWENROPBc5:Yh+ZkldoPK8Yax0tMPA

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d.exe

Resource

win7-20231129-en

agenttesla keylogger spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d.exe

Resource

win10v2004-20240508-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d
- Size
  
  1.2MB
- MD5
  
  45a16a0b082e9b7a39c3c9e89a7f50b4
- SHA1
  
  04c468ecc20e99e63b8defff04a953e640570ba4
- SHA256
  
  747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d
- SHA512
  
  4204ae993ed74034bc999e4049880e492d463bfc0c915d0bee6fa550fe3d354e27bf5a59411ccdb99d21f36edfee232e7d4138bd0229fa37edeba70619628240
- SSDEEP
  
  24576:BAHnh+eWsN3skA4RV1Hom2KXMmHa+gMrWENROPBc5:Yh+ZkldoPK8Yax0tMPA
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy