agenttesla | fe4434bbb7fd55467a76caa8876f694954b49566b5939131ebc455c32e3a969f | Triage

Submit
Reports

Overview

overview

Static

static

5

RFQ SN0095...er.exe

windows7-x64

RFQ SN0095...er.exe

windows10-2004-x64

Sharing

General

Target

RFQ SN00954666 for prosjekt CMC 40 fot container.BZ2
Size

823KB
Sample

241002-rrt5fs1ckq
MD5

a17ef58db02c06e5bfffbca55aa6c942
SHA1

54ae786f677a4674b91ba410a74873770014dc8c
SHA256

fe4434bbb7fd55467a76caa8876f694954b49566b5939131ebc455c32e3a969f
SHA512

17b4aef41573085c5de9e14840eb22aaf5123955e1a2c2287e81242abb333f170f3c225b2edb8db8a0d825ddcfe857b4d4c6f4755fa6928648e2832ef490a423
SSDEEP

12288:M3FdE0pB+HUmanHg9DCuVHeNzl6nMdPml9feFMX9zRvb9ZVVfrrVd0Jh2ltoeE:MrE0pvmGTuMQMAl9GEzJ9Zj/Vd0CbE

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

RFQ SN00954666 for prosjekt CMC 40 fot container.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

RFQ SN00954666 for prosjekt CMC 40 fot container.exe

Resource

win10v2004-20240802-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
bezelety.top
Port:
587
Username:
[email protected]
Password:
IxF(..bSed6k
Email To:
[email protected]

Targets

- Target
  
  RFQ SN00954666 for prosjekt CMC 40 fot container.exe
- Size
  
  1.1MB
- MD5
  
  6f372aad87d442dec0f25eafa57cd9f5
- SHA1
  
  5cb1f90381f86732a50431e75bf21ee045ddd5a1
- SHA256
  
  b81164598e70459709bba50dead99248d28e6d4dc0e0e5093fa28ad554c9694a
- SHA512
  
  627d8b92939349e48803cfcfa50e4efead10761b5444e6a69661fe37ff760f86683be02362e4706d62e7feaba3a093a207183f587b8f0a9d39ac93076be9b24b
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLlYYwMil9A4Zd93j7Vd0044:f3v+7/5QLGYFib93jc07
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy