agenttesla | cf9b22d4b9bd24c826d360840e3fba7d40ce49d636902980655c328cb118c1d1 | Triage

Submit
Reports

Overview

overview

Static

static

3

cf9b22d4b9...d1.exe

windows7-x64

cf9b22d4b9...d1.exe

windows10-2004-x64

Sharing

General

Target

cf9b22d4b9bd24c826d360840e3fba7d40ce49d636902980655c328cb118c1d1
Size

444KB
Sample

241211-btejsatlfq
MD5

d31b2440677629f677088e97981aa638
SHA1

43b91b1c7b064294440f9d944166a65e0db48e14
SHA256

cf9b22d4b9bd24c826d360840e3fba7d40ce49d636902980655c328cb118c1d1
SHA512

3598327a3827742d67f1794acf1eda28ded22ed7ac92cc69de7866b20903a97da6782b8908650e83825f290f900518157f398485f45f9f5c6ff46bf5c885b954
SSDEEP

6144:HoPu6sbxtqQwDCVmpXdaZwVGnESPmP2yyT5lq1aR8a4XZLCWR7pUZ:PjqYZwV3SPm7yT5Qw+mWtaZ

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cf9b22d4b9bd24c826d360840e3fba7d40ce49d636902980655c328cb118c1d1.exe

Resource

win7-20241010-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

cf9b22d4b9bd24c826d360840e3fba7d40ce49d636902980655c328cb118c1d1.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  cf9b22d4b9bd24c826d360840e3fba7d40ce49d636902980655c328cb118c1d1
- Size
  
  444KB
- MD5
  
  d31b2440677629f677088e97981aa638
- SHA1
  
  43b91b1c7b064294440f9d944166a65e0db48e14
- SHA256
  
  cf9b22d4b9bd24c826d360840e3fba7d40ce49d636902980655c328cb118c1d1
- SHA512
  
  3598327a3827742d67f1794acf1eda28ded22ed7ac92cc69de7866b20903a97da6782b8908650e83825f290f900518157f398485f45f9f5c6ff46bf5c885b954
- SSDEEP
  
  6144:HoPu6sbxtqQwDCVmpXdaZwVGnESPmP2yyT5lq1aR8a4XZLCWR7pUZ:PjqYZwV3SPm7yT5Qw+mWtaZ
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- AgentTesla payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy