agenttesla | 44437ef0c2d0c343704559ffdad6ca996abd284b3f6fb1e87497febb5b29fffc | Triage

Submit
Reports

Overview

overview

Static

static

3

XWorm V5.2.exe

windows10-2004-x64

Sharing

General

Target

XWorm V5.2.exe
Size

33.3MB
Sample

240527-2ca35sdc93
MD5

1c2cd073a230901a06156aaa52937873
SHA1

93230345a666090adbb49316a0e77d8f97c4f5f1
SHA256

44437ef0c2d0c343704559ffdad6ca996abd284b3f6fb1e87497febb5b29fffc
SHA512

d5e0cc9d5bca2318104b531ed9fed9dce7c0a96758b697273909b30d8ff7849a02de767a20ddbac993e653a2f8ef56769664f6841957c2884f5bb07695da85c8
SSDEEP

786432:ffvzciPWoAfmxXowcP/2WKq/kqrsDGY3B0AE//3loS:/zce6xjsqrsDnGlb

Score

10^/10

agenttesla agilenet keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

XWorm V5.2.exe

Resource

win10v2004-20240508-en

agenttesla agilenet keylogger spyware stealer trojan

windows10-2004-x64

14 signatures

300 seconds

Malware Config

Targets

- Target
  
  XWorm V5.2.exe
- Size
  
  33.3MB
- MD5
  
  1c2cd073a230901a06156aaa52937873
- SHA1
  
  93230345a666090adbb49316a0e77d8f97c4f5f1
- SHA256
  
  44437ef0c2d0c343704559ffdad6ca996abd284b3f6fb1e87497febb5b29fffc
- SHA512
  
  d5e0cc9d5bca2318104b531ed9fed9dce7c0a96758b697273909b30d8ff7849a02de767a20ddbac993e653a2f8ef56769664f6841957c2884f5bb07695da85c8
- SSDEEP
  
  786432:ffvzciPWoAfmxXowcP/2WKq/kqrsDGY3B0AE//3loS:/zce6xjsqrsDnGlb
Score

10^/10

agenttesla agilenet keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslaagilenetkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy