General

  • Target

    XiaomiKEY_v2.2.5.0_Setup.exe

  • Size

    163.8MB

  • Sample

    240726-y8k2fasgkl

  • MD5

    7c82fcfbf6f142ff5cfcae4ae4436323

  • SHA1

    faf94d404923de012a68c8508d89a5ffa422be0a

  • SHA256

    c309541c43cd7782f6a2f844f82936ccf446ef26712271f842c9cc99dcaae45b

  • SHA512

    890a209583e7a56095501f2183fcfdcc9d68204b2e6a521e08418d18d6b09b4d9572d320b88c875a9c899b8a8bdeac8bc705b1d3bc8dc5ec7e2eb0160cb43cd9

  • SSDEEP

    3145728:j3n6qKKxYNXxvL4ZKZkkMKSUDxrKRNV0c544st9IOc9BBkm7KzWuYYN:jFKjl8WRMKSSEYyOKBBJ7O9
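The first thing an analyst does with a report like this is confirm that the file in hand is the file that was detonated. The script below is an added example, not part of the sandbox report: it streams a file through all four reported digest algorithms in one pass (so the 163.8 MB installer is never read into memory) and compares every algorithm against the values listed above. The path given to verify_file() is an assumption; the sample itself is not on this page. SSDEEP is not in the Python standard library, so the reported fuzzy hash is kept for reference only and not recomputed.

```python
"""Check a file on disk against the digests reported for this sample.

Added example; not part of the sandbox report. Digest values are copied
from the General section above. The file path is an assumption.
"""
import hashlib
import io

# Digests reported for XiaomiKEY_v2.2.5.0_Setup.exe (from the report above).
REPORTED = {
    "md5": "7c82fcfbf6f142ff5cfcae4ae4436323",
    "sha1": "faf94d404923de012a68c8508d89a5ffa422be0a",
    "sha256": "c309541c43cd7782f6a2f844f82936ccf446ef26712271f842c9cc99dcaae45b",
    "sha512": "890a209583e7a56095501f2183fcfdcc9d68204b2e6a521e08418d18d6b09b4d"
              "9572d320b88c875a9c899b8a8bdeac8bc705b1d3bc8dc5ec7e2eb0160cb43cd9",
}
# Fuzzy hash for reference only; recomputing it needs the third-party ssdeep module.
REPORTED_SSDEEP = ("3145728:j3n6qKKxYNXxvL4ZKZkkMKSUDxrKRNV0c544st9IOc9BBkm7KzWuYYN:"
                   "jFKjl8WRMKSSEYyOKBBJ7O9")


def hash_stream(stream, chunk_size=1 << 20):
    """Hex digests for every algorithm in REPORTED, computed in a single pass
    over the stream in chunk_size pieces (1 MiB by default)."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    for block in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data):
    """Convenience wrapper for in-memory data (used for testing)."""
    return hash_stream(io.BytesIO(data))


def compare(computed, reported=REPORTED):
    """Per-algorithm match table. Comparison is case-insensitive because
    different tools emit upper- or lower-case hex."""
    return {name: computed.get(name, "").lower() == value.lower()
            for name, value in reported.items()}


def is_reported_sample(computed, reported=REPORTED):
    """True only if every reported digest matches; one mismatch is a reject."""
    return all(compare(computed, reported).values())


def verify_file(path):
    """Hash the file at `path` (assumed location) and compare to the report."""
    with open(path, "rb") as f:
        return compare(hash_stream(f))


if __name__ == "__main__":
    import sys
    for name, ok in verify_file(sys.argv[1]).items():
        print(f"{name:6s} {'match' if ok else 'MISMATCH'}")
```

Run it as `python verify.py /path/to/XiaomiKEY_v2.2.5.0_Setup.exe`; any MISMATCH line means the file is a different build and this report does not describe it.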

Targets

    • Target

      XiaomiKEY_v2.2.5.0_Setup.exe


    • AgentTesla

      Agent Tesla is a .NET-based remote access tool (RAT) and information stealer, usually built with Visual Basic .NET. It logs keystrokes, harvests saved credentials from browsers, mail and FTP clients, and exfiltrates them over SMTP, FTP or HTTP.

    • AgentTesla payload

    • Executes dropped EXE

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate installed software. On its own this is weak evidence: a genuine setup program reads the same key to find previous versions, so the AgentTesla payload detection above, not this signature, is what makes the file malicious.
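To show what this signature keys on, here is an added example (not part of the report, and not the sandbox's own rule): a small detector run over a few constructed Procmon-style CSV events. It attributes registry reads under the Uninstall key to the originating process, counts the distinct Uninstall entries each process touched, and flags a process only above a threshold, so a single lookup by a benign process does not fire. The process names, PIDs, subkey names and paths in the sample log are made up for the example; the only name taken from the report is the installer's.

```python
"""Flag processes that enumerate installed software via the Uninstall key.

Added example over constructed Procmon-style events; not the sandbox's rule.
"""
import csv
import io
import re
from collections import defaultdict

# Uninstall key under HKLM/HKCU, with or without the WOW6432Node redirect.
# Group 1 captures the per-product entry directly below Uninstall.
UNINSTALL_RE = re.compile(
    r"^(?:HKLM|HKCU|HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\SOFTWARE\\"
    r"(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# Constructed events (Procmon CSV export column subset). The GUIDs, the
# "ExampleTool" entry, explorer.exe's PID and the temp path are invented.
SAMPLE_LOG = """\
Process Name,PID,Operation,Path,Result
XiaomiKEY_v2.2.5.0_Setup.exe,4120,RegOpenKey,HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall,SUCCESS
XiaomiKEY_v2.2.5.0_Setup.exe,4120,RegEnumKey,HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall,SUCCESS
XiaomiKEY_v2.2.5.0_Setup.exe,4120,RegQueryValue,HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{00000000-0000-0000-0000-000000000001}\\DisplayName,SUCCESS
XiaomiKEY_v2.2.5.0_Setup.exe,4120,RegQueryValue,HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{00000000-0000-0000-0000-000000000002}\\DisplayName,SUCCESS
XiaomiKEY_v2.2.5.0_Setup.exe,4120,RegQueryValue,HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\ExampleTool\\DisplayVersion,SUCCESS
XiaomiKEY_v2.2.5.0_Setup.exe,4120,CreateFile,C:\\Users\\Admin\\AppData\\Local\\Temp\\setup.tmp,SUCCESS
explorer.exe,1532,RegQueryValue,HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\ExampleTool\\DisplayName,SUCCESS
"""


def parse_events(text):
    """Parse CSV text into a list of dicts keyed by the header row."""
    return list(csv.DictReader(io.StringIO(text)))


def uninstall_lookups(events):
    """Map process name -> set of distinct Uninstall entries it read.
    Opening/enumerating the Uninstall key itself has no entry below it and is
    not counted; only reads of a specific product entry are."""
    per_process = defaultdict(set)
    for ev in events:
        if not ev["Operation"].startswith("Reg"):
            continue  # file, process and network events are irrelevant here
        m = UNINSTALL_RE.match(ev["Path"])
        if m:
            per_process[ev["Process Name"]].add(m.group(1))
    return per_process


def flag(events, min_entries=3):
    """Processes that read at least `min_entries` distinct Uninstall entries,
    with the sorted entry names. The threshold is a tuning knob: a benign
    process that checks one product does not trip it."""
    return {proc: sorted(entries)
            for proc, entries in uninstall_lookups(events).items()
            if len(entries) >= min_entries}


if __name__ == "__main__":
    for proc, entries in flag(parse_events(SAMPLE_LOG)).items():
        print(f"{proc}: enumerated {len(entries)} Uninstall entries: {entries}")
```

Even with the threshold, treat a hit on an installer as expected behaviour and corroborate it with the payload detection and the dropped-executable execution reported above before acting on it.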
