agenttesla | edf295456f56ec74434298195829eb2e4afdb252f6f2683227eeefc84eef21fd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

comet.exe

windows11-21h2-x64

key.txt

windows11-21h2-x64

3

Sharing

General

Target

UEFI, EFI, SHIT WOOFER ( AUTH SWAPPED ).rar
Size

1.1MB
Sample

240909-r49exawcmb
MD5

f9c12d456bd179909393c383c018156b
SHA1

c37f77ad8cab858a7bb848f5390987682f2149bb
SHA256

edf295456f56ec74434298195829eb2e4afdb252f6f2683227eeefc84eef21fd
SHA512

4af0e4a75b4c4433cb4e09a7edfe4e1ad34c89c30eb049f72db4e676f44fda496c10221e41667ab2d961132d2385d77026d5810fcd39530cc94a23674fe65621
SSDEEP

24576:vEZWIO8TlyDp44HIOM+2JWKtsXnMqetoNLlbBLZa9Tj:guUkxHxtKtsXMqetoNLt+9X

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

comet.exe

Resource

win11-20240802-en

agenttesla discovery keylogger spyware stealer trojan

windows11-21h2-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

key.txt

Resource

win11-20240802-en

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  comet.exe
- Size
  
  1.2MB
- MD5
  
  01ebbbb0e2be2e83ee16356f9d0d0cf5
- SHA1
  
  1c21379e4deb3faecc927cdbd70f25f8f42c74d8
- SHA256
  
  2b04ca0db9427df8711aba88c6263c2ab3639c54d4c6cd78ae5197b057041b03
- SHA512
  
  3b68df217a9888b3313c7036d6ef1fb7b7986dd6a1621aa0b70654797d53e2c57982d9363c070ceef136034db710ebf901a03fb210fb4b036d5d557d68f5d5c0
- SSDEEP
  
  24576:I1NJjDBAOySOTQcPTAcySiDNpfVkqgfPyU8/oa8reuaDH40:InJjDaOyL70nS4pfVkqgy6r3aE
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1
- Target
  
  key.txt
- Size
  
  21B
- MD5
  
  f85e5fbb76a76152431dac646cc3aecc
- SHA1
  
  846cfa0fbb8a0c24cadc87c99e098bcd4193cd42
- SHA256
  
  e678114aca9c68f97df8b3d5522601327815515b62735e99496e89da0e4ccdae
- SHA512
  
  5bef7e839229f76611834d1499317680d7e0f74c2899c0750124854cc23837a414c1462d9777c270b229a7bb9e7d54f66ddad6ceca9f367dc5f27f8b86781569
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

© 2018-2025

Terms | Privacy