agenttesla | 56235f1efcf7e723b36d04fe176b9caa8513374767df3cba9ab21ea8e9e2ba8a | Triage

Submit
Reports

Overview

overview

Static

static

5

56235f1efc...8a.exe

windows7-x64

56235f1efc...8a.exe

windows10-2004-x64

Sharing

General

Target

56235f1efcf7e723b36d04fe176b9caa8513374767df3cba9ab21ea8e9e2ba8a
Size

1.1MB
Sample

240720-bh1b4szblq
MD5

edac018e5a7c77ee0f91730daa13abbe
SHA1

a66963b2f31dc6b02b4a7323054027c025128a87
SHA256

56235f1efcf7e723b36d04fe176b9caa8513374767df3cba9ab21ea8e9e2ba8a
SHA512

75f06dd3f78d424300adebc19b2d3fd4a59afde455a10d25bf288d466d17567003563675df7044a57136713c4609f4e26338795abde6f6d4bb5ee1fdbb979b6e
SSDEEP

24576:fAHnh+eWsN3skA4RV1Hom2KXMmHarA5GwcFfewI37fACb5:Ch+ZkldoPK8YarAAt4D0G

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

56235f1efcf7e723b36d04fe176b9caa8513374767df3cba9ab21ea8e9e2ba8a.exe

Resource

win7-20240704-en

agenttesla keylogger spyware stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

56235f1efcf7e723b36d04fe176b9caa8513374767df3cba9ab21ea8e9e2ba8a.exe

Resource

win10v2004-20240709-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  56235f1efcf7e723b36d04fe176b9caa8513374767df3cba9ab21ea8e9e2ba8a
- Size
  
  1.1MB
- MD5
  
  edac018e5a7c77ee0f91730daa13abbe
- SHA1
  
  a66963b2f31dc6b02b4a7323054027c025128a87
- SHA256
  
  56235f1efcf7e723b36d04fe176b9caa8513374767df3cba9ab21ea8e9e2ba8a
- SHA512
  
  75f06dd3f78d424300adebc19b2d3fd4a59afde455a10d25bf288d466d17567003563675df7044a57136713c4609f4e26338795abde6f6d4bb5ee1fdbb979b6e
- SSDEEP
  
  24576:fAHnh+eWsN3skA4RV1Hom2KXMmHarA5GwcFfewI37fACb5:Ch+ZkldoPK8YarAAt4D0G
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy