agenttesla | c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

c0cb57fc9b...c6.exe

windows7-x64

c0cb57fc9b...c6.exe

windows10-2004-x64

Sharing

General

Target

c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6.exe
Size

1.1MB
Sample

240608-h45bhsab3v
MD5

eab04ba8851e5ff9a16555aa714be99c
SHA1

d8bd9ac62747f146088d69cc4f97385535c78241
SHA256

c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6
SHA512

79a19e05c33eb5fd817f1151d673278b8a1c0fdca6e3d1fbb8684224608690141c436fd63e30b0e89504224ef484909369859a5af436b47c775d85e5532c618c
SSDEEP

24576:XAHnh+eWsN3skA4RV1Hom2KXMmHaJqL08fAAW5:Kh+ZkldoPK8YaJqLJfAR

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6.exe

Resource

win7-20240508-en

agenttesla keylogger spyware stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6.exe

Resource

win10v2004-20240226-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
cp8nl.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
@qwerty90123
Email To:
[email protected]

Targets

- Target
  
  c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6.exe
- Size
  
  1.1MB
- MD5
  
  eab04ba8851e5ff9a16555aa714be99c
- SHA1
  
  d8bd9ac62747f146088d69cc4f97385535c78241
- SHA256
  
  c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6
- SHA512
  
  79a19e05c33eb5fd817f1151d673278b8a1c0fdca6e3d1fbb8684224608690141c436fd63e30b0e89504224ef484909369859a5af436b47c775d85e5532c618c
- SSDEEP
  
  24576:XAHnh+eWsN3skA4RV1Hom2KXMmHaJqL08fAAW5:Kh+ZkldoPK8YaJqLJfAR
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy