agenttesla | 566d8d4d30d0c6b04f89eaa3e0a15b365ba27da3383d7e07454671cc66037e61 | Triage

Submit
Reports

Overview

overview

Static

static

5

566d8d4d30...61.exe

windows7-x64

566d8d4d30...61.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

566d8d4d30d0c6b04f89eaa3e0a15b365ba27da3383d7e07454671cc66037e61
Size

1.1MB
Sample

240605-bjcx7shf2x
MD5

32126d19a3ae881231dcf8206de936ac
SHA1

4382018d3d2b0930eb4946b30214cf7d90a1f24f
SHA256

566d8d4d30d0c6b04f89eaa3e0a15b365ba27da3383d7e07454671cc66037e61
SHA512

105b9c2279cb36a2ead371b483b7cf3c5fe20d18bf1c3f23386b6272595a893e4ae65b556da757106199ea330b45e0026911dd6bbecf4a0a845fbc8e2605b610
SSDEEP

24576:LAHnh+eWsN3skA4RV1Hom2KXMmHa4Dio3pzobjt7wrxjb5:mh+ZkldoPK8Ya4DiKAZErxp

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

566d8d4d30d0c6b04f89eaa3e0a15b365ba27da3383d7e07454671cc66037e61.exe

Resource

win7-20240221-en

agenttesla keylogger spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

566d8d4d30d0c6b04f89eaa3e0a15b365ba27da3383d7e07454671cc66037e61.exe

Resource

win10v2004-20240426-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  566d8d4d30d0c6b04f89eaa3e0a15b365ba27da3383d7e07454671cc66037e61
- Size
  
  1.1MB
- MD5
  
  32126d19a3ae881231dcf8206de936ac
- SHA1
  
  4382018d3d2b0930eb4946b30214cf7d90a1f24f
- SHA256
  
  566d8d4d30d0c6b04f89eaa3e0a15b365ba27da3383d7e07454671cc66037e61
- SHA512
  
  105b9c2279cb36a2ead371b483b7cf3c5fe20d18bf1c3f23386b6272595a893e4ae65b556da757106199ea330b45e0026911dd6bbecf4a0a845fbc8e2605b610
- SSDEEP
  
  24576:LAHnh+eWsN3skA4RV1Hom2KXMmHa4Dio3pzobjt7wrxjb5:mh+ZkldoPK8Ya4DiKAZErxp
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy