agenttesla | 5cce6e45d2c3b4c1c1f0d136d8c51c6c61eecc4ce09228d211ba3ba7d328d426 | Triage

Submit
Reports

Overview

overview

Static

static

5

GGHT080589...89.exe

windows7-x64

GGHT080589...89.exe

windows10-2004-x64

Sharing

General

Target

5cce6e45d2c3b4c1c1f0d136d8c51c6c61eecc4ce09228d211ba3ba7d328d426
Size

573KB
Sample

241120-btlyvsxlfw
MD5

95a101087c5ba2ae5e0ac60a3eadf9c9
SHA1

86113977af576996394eb891a33277a19baf644c
SHA256

5cce6e45d2c3b4c1c1f0d136d8c51c6c61eecc4ce09228d211ba3ba7d328d426
SHA512

d2b0b7cdff8cd4405561bd9747c351cb04bcc05034a2b317d1edeb5e474e31d05f95185217d25a4ce8ebb27343305c884dbbd2c53ac1e1af0731970c940a8c71
SSDEEP

12288:wW1mV4uGIidKkdBdTCY1DMmEoC7fm5TYUZe9oaVUR0ecr63R:wKugC4MaC7qe94F5R

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

GGHT080589-FTU468I90-XVT898789989.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

GGHT080589-FTU468I90-XVT898789989.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
cp8nl.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
@qwerty90123
Email To:
[email protected]

Targets

- Target
  
  GGHT080589-FTU468I90-XVT898789989.exe
- Size
  
  1.0MB
- MD5
  
  6fafa741cf788650bc17d952cb3db5c8
- SHA1
  
  9fc2c2723d641b5197953d05b0b2d14970834a0b
- SHA256
  
  c1a803ed22d5f209d469273c86bfeb635c21e1e463419071d7da401003995107
- SHA512
  
  df04d12e3877f2c0a7403c7b2d6b1a4139f765384364e389ddc8a94b5aa199a78c1f52161ed07a3bf0c9326950dbccf79986bfb2ef803cf66c2f21baaf9244e4
- SSDEEP
  
  24576:Utb20pkaCqT5TBWgNQ7aiEfT3WLghrViu6A:9Vg5tQ7aiEfplv5
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy