agenttesla | 20027c560483941c10d60098ea22ee973b647ad934377be62c88ee4acb2fc465 | Triage

Submit
Reports

Overview

overview

Static

static

XWorm V5.6.exe

windows7-x64

XWorm V5.6.exe

windows10-2004-x64

Sharing

General

Target

XWorm 5.6 By Necrowolf.zip
Size

29.0MB
Sample

240804-mdrpysshqn
MD5

c0241c872960312fd3071cff209fbc5e
SHA1

131e432ea6128bbfb6bc1092012d4afd8e2aae27
SHA256

20027c560483941c10d60098ea22ee973b647ad934377be62c88ee4acb2fc465
SHA512

085c3324c4994eab79205f3522b31634b1963a7bb02a52a9820bd1e80a2ee150d24c370fa619f8f421b1fdb8b185bcffb21c42ea6f7f1352f2202b6f224afac6
SSDEEP

786432:FdFE28ZPxcPZfhFih8KLU2CsGnGjwCxccw6XBc2xb:F+Nq1PXTGUSDfRXb

Score

10^/10

agenttesla stormkitty xworm discovery keylogger spyware stealer trojan vmprotect

Static task

static1

vmprotect agenttesla stormkitty xworm

9 signatures

Behavioral task

behavioral1

Sample

XWorm V5.6.exe

Resource

win7-20240704-en

agenttesla keylogger spyware stealer trojan vmprotect

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

XWorm V5.6.exe

Resource

win10v2004-20240802-en

agenttesla discovery keylogger spyware stealer trojan vmprotect

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  XWorm V5.6.exe
- Size
  
  17.9MB
- MD5
  
  49f6c848fc3b1f32ed96b08bca221e53
- SHA1
  
  0c1da68ae22f31f61ded840a42515793e1432a24
- SHA256
  
  7926286cb142cc3d2511cde859dc78ea4d9a26b5007c80bc33879fc3e5800c0c
- SHA512
  
  1cb5fea83ccecf175ec1ed6e381bf09f915115458869f05ebdbfbd2a92b6ec41f0a5d004e0bf74a80ccc68491554bb7df95d10242f22ce1429a2bcff124b5ba1
- SSDEEP
  
  196608:M0gakUV27n9vemQvnDi9BsSqzcB/BAe1d4ihvy85JhhYc3BSL1kehn4inje:MXakUQ7n9vemmmB16ayIhhkRka4i
Score

10^/10

agenttesla keylogger spyware stealer trojan vmprotect discovery
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

vmprotectagentteslastormkittyxworm

behavioral1

agentteslakeyloggerspywarestealertrojanvmprotect

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojanvmprotect

© 2018-2025

Terms | Privacy