agenttesla | 69cc2a01c58024d4636306daa5aeb3ae73ed828f0db0cded3f445927490677e9 | Triage

Submit
Reports

Overview

overview

Static

static

XWorm_v5.6...on.rar

windows10-2004-x64

Sharing

General

Target

XWorm_v5.6_Edition.rar
Size

22.0MB
Sample

240711-mb7ndsvcma
MD5

e507ace7818139e1958dd125558fa537
SHA1

a60b68bfcdaf26f783216665d75872e9f9608000
SHA256

69cc2a01c58024d4636306daa5aeb3ae73ed828f0db0cded3f445927490677e9
SHA512

6268c253ccd5c2726e9e5c6dd7a5dc03570889e1d329f2ae23080696a28f5f215202ed2717478c4de5954017eb982409ff4e041a1e21e3a0ae6c2f965faad1f7
SSDEEP

393216:xkY1HmfIGGd1RiOrUmIlGokw+/jyZAgeOf9fEHgVhQpUdaQ9Fdd:xJEAGGRiSzGGpn/GAg5fiAjjdVd

Score

10^/10

agenttesla stormkitty xworm keylogger spyware stealer trojan

Static task

static1

agenttesla stormkitty xworm

8 signatures

Behavioral task

behavioral1

Sample

XWorm_v5.6_Edition.rar

Resource

win10v2004-20240709-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

19 signatures

1800 seconds

Malware Config

Targets

- Target
  
  XWorm_v5.6_Edition.rar
- Size
  
  22.0MB
- MD5
  
  e507ace7818139e1958dd125558fa537
- SHA1
  
  a60b68bfcdaf26f783216665d75872e9f9608000
- SHA256
  
  69cc2a01c58024d4636306daa5aeb3ae73ed828f0db0cded3f445927490677e9
- SHA512
  
  6268c253ccd5c2726e9e5c6dd7a5dc03570889e1d329f2ae23080696a28f5f215202ed2717478c4de5954017eb982409ff4e041a1e21e3a0ae6c2f965faad1f7
- SSDEEP
  
  393216:xkY1HmfIGGd1RiOrUmIlGokw+/jyZAgeOf9fEHgVhQpUdaQ9Fdd:xJEAGGRiSzGGpn/GAg5fiAjjdVd
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

agentteslastormkittyxworm

behavioral1

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy