agenttesla | f82201001b59349d21b69f20d2555ddecf6f536372e0154e9c8c2ab076a79e39 | Triage

Submit
Reports

Overview

overview

Static

static

7

2154355d06...cc.exe

windows7-x64

2154355d06...cc.exe

windows10-2004-x64

7

2154355d06...cc.exe

windows11-21h2-x64

Sharing

General

Target

17323375902.zip
Size

509KB
Sample

240523-hdwxfsge39
MD5

8fd49fd1d1c2e2d2da7b1096b8325327
SHA1

5687cd7e3006dfd48ca8ecd77c163539c0e6bf2d
SHA256

f82201001b59349d21b69f20d2555ddecf6f536372e0154e9c8c2ab076a79e39
SHA512

5b88207bc31b28e4fff4316a72eb4a1297a263f24bc064541e42c51a349a1bddcb02f17a733900733f762f6f3d27267f208e964500bbca2dd6f1dac3cdc46bfb
SSDEEP

12288:R5A5+X389vM1WBSHsW8SKaJzhqGvl86mGJuNw:Ri5QsNM1NsW8zKhqG3CC

Score

10^/10

agenttesla keylogger spyware stealer trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2154355d065c01bd1f2033d19171c4feb73890f9b0b3b32f22b30465cf02cdcc.exe

Resource

win7-20240221-en

agenttesla keylogger spyware stealer trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2154355d065c01bd1f2033d19171c4feb73890f9b0b3b32f22b30465cf02cdcc.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

2154355d065c01bd1f2033d19171c4feb73890f9b0b3b32f22b30465cf02cdcc.exe

Resource

win11-20240426-en

agenttesla keylogger spyware stealer trojan upx

windows11-21h2-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
[email protected]
Password:
aYl@txL3
Email To:
[email protected]

Targets

- Target
  
  2154355d065c01bd1f2033d19171c4feb73890f9b0b3b32f22b30465cf02cdcc
- Size
  
  534KB
- MD5
  
  964d279bfb23ac4da04351438d6687ff
- SHA1
  
  94b505b31344e90d230ada55c8a4c75e2909befa
- SHA256
  
  2154355d065c01bd1f2033d19171c4feb73890f9b0b3b32f22b30465cf02cdcc
- SHA512
  
  a2035d3c0ba90a4e936d0bdef283c320fce5abb515d8cbbe017db66d5bf057a8ac0b225faa775ce4cbada385d2d8c1cc1c6320090f55698b4888dc31236b6fca
- SSDEEP
  
  12288:QYV6MorX7qzuC3QHO9FQVHPF51jgcrQ2G3CaD2fCt0wewCflW9N8:vBXu9HGaVHcByhaeuiW9N8
Score

10^/10

agenttesla keylogger spyware stealer trojan upx
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojanupx

behavioral2

behavioral3

agentteslakeyloggerspywarestealertrojanupx

© 2018-2024

Terms | Privacy