agenttesla | 7a7316d2e5ce8a747d3dbf78f36bb9030379c0213c61fed19c362a665666bbf9 | Triage

Submit
Reports

Overview

overview

Static

static

5

ghf.exe

windows7-x64

ghf.exe

windows10-2004-x64

Sharing

General

Target

7a7316d2e5ce8a747d3dbf78f36bb9030379c0213c61fed19c362a665666bbf9
Size

572KB
Sample

241230-bez7yasnbt
MD5

78c4a3985c73b676542d5764f549b21d
SHA1

8fc707d5617a29ac4cf77a54f5d8a1816964467b
SHA256

7a7316d2e5ce8a747d3dbf78f36bb9030379c0213c61fed19c362a665666bbf9
SHA512

87df667309c1f6b4c1ce3ce5adef5c30ef9e8fa3c2821773a5273e476ea9b25a2046e62c5be73473428d4ce84e23114742665f6fab871c64b4f50c66f11bddb9
SSDEEP

12288:T8G5wgS6fAJLI+ERhZsvL9Q9uPq/e27K4w6w3NH2PP+uxdz:T8YBS6CQMZQ8y/e27K4w6mEPP+Qdz

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ghf.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ghf.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  ghf.exe
- Size
  
  1.0MB
- MD5
  
  5d8c60d0a0f9455ed1535b0f47872505
- SHA1
  
  297d4ff53e738b518af330a522eefda5f17b52dc
- SHA256
  
  1097dac7d2c45ee287ab50d121ca2d0931ac6e954f6741a3991dae21ebec4231
- SHA512
  
  ffd89308d904031381b8959592b340be632461f041c84633b72f295e71672f153afad0037e464814d183efadf156fca296088eccd8e72bada265a0b64d39b025
- SSDEEP
  
  24576:mu6J33O0c+JY5UZ+XC0kGso6Fa3rZi+oI+V9Q6WY:ou0c++OCvkGs9Fa3rZi+OVKY
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy