agenttesla | c5cd44fb7f03894dbaf1734bf640b6a5a77a2446e1d7d5a9e8abfe86299d0798 | Triage

Submit
Reports

Overview

overview

Static

static

5

GH784608UJ...GU.exe

windows7-x64

GH784608UJ...GU.exe

windows10-2004-x64

Sharing

General

Target

c5cd44fb7f03894dbaf1734bf640b6a5a77a2446e1d7d5a9e8abfe86299d0798
Size

543KB
Sample

241122-be7a9a1lbw
MD5

ffd47d9b95d9ce878e765abc77927785
SHA1

0a5f46b9fe5e4924eb9cf9aa569a55e6ce341fab
SHA256

c5cd44fb7f03894dbaf1734bf640b6a5a77a2446e1d7d5a9e8abfe86299d0798
SHA512

e0590698249c5ab372f60fd4ac3b8e95df90f9b67c618eaf0ccb489673c3f7da864d41fe571c17fe9909204142560d7209b73c250ee8d576a139cb090c490087
SSDEEP

12288:VelqeJMMRoBYCJrydnDbh80Na550/C69w2BDQ3VnlkGUDGnOPbfh7q:VneJMssriDbtS5YC69VklnlkNdzhq

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

GH784608UJ-BCD8YU0O-JKLTU5798BGU.exe

Resource

win7-20241010-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

GH784608UJ-BCD8YU0O-JKLTU5798BGU.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
cp8nl.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
cy+G_(979n9N
Email To:
[email protected]

Targets

- Target
  
  GH784608UJ-BCD8YU0O-JKLTU5798BGU.exe
- Size
  
  80.0MB
- MD5
  
  b039406b8f5c7c619b4600c70dac451c
- SHA1
  
  6b382e480b627dba8fc969ced7c993f0e3b6c949
- SHA256
  
  f7a5ccff0d6370e07af5762636a7f16b6c1924e1befa99bca203dab3c7cfa726
- SHA512
  
  d127cb68af43b0a36f2759607deefd2d23cf9950edd77525c98e24bdda762ac955853b9d3c8020e0b8d92700264200e9877eb3477aa13384b9f1cba785cab735
- SSDEEP
  
  12288:7tb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaxRSszJAc55VqLjo9c6:7tb20pkaCqT5TBWgNQ7axRtT1c6A
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy