agenttesla | 7c8209053ff4705b39dcd23318174fc4407eabc5bdc40f4babfd876f8d049bc5 | Triage

Submit
Reports

Overview

overview

Static

static

5

7c8209053f...c5.exe

windows7-x64

7c8209053f...c5.exe

windows10-2004-x64

Sharing

General

Target

7c8209053ff4705b39dcd23318174fc4407eabc5bdc40f4babfd876f8d049bc5.exe
Size

1.2MB
Sample

250110-rflc6swmdt
MD5

515fd5f36230667c7060e83a5dd79abe
SHA1

35be32bbfbead2f6bbc48f9dcc7f675fba407676
SHA256

7c8209053ff4705b39dcd23318174fc4407eabc5bdc40f4babfd876f8d049bc5
SHA512

b92d710020eaf708d32f6576bb81e64bf9c69776eef6279963dd933bde47d6f014930f5d5f52437e9b7c7aed1fedfce7be433e454df6e1487fb7a50a20adab84
SSDEEP

24576:FfmMv6Ckr7Mny5QiXx5j0HjXqiYCOvjF6PPt:F3v+7/5QiXx5j0Hj6iYCOLSt

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7c8209053ff4705b39dcd23318174fc4407eabc5bdc40f4babfd876f8d049bc5.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

7c8209053ff4705b39dcd23318174fc4407eabc5bdc40f4babfd876f8d049bc5.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  7c8209053ff4705b39dcd23318174fc4407eabc5bdc40f4babfd876f8d049bc5.exe
- Size
  
  1.2MB
- MD5
  
  515fd5f36230667c7060e83a5dd79abe
- SHA1
  
  35be32bbfbead2f6bbc48f9dcc7f675fba407676
- SHA256
  
  7c8209053ff4705b39dcd23318174fc4407eabc5bdc40f4babfd876f8d049bc5
- SHA512
  
  b92d710020eaf708d32f6576bb81e64bf9c69776eef6279963dd933bde47d6f014930f5d5f52437e9b7c7aed1fedfce7be433e454df6e1487fb7a50a20adab84
- SSDEEP
  
  24576:FfmMv6Ckr7Mny5QiXx5j0HjXqiYCOvjF6PPt:F3v+7/5QiXx5j0Hj6iYCOLSt
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy