agenttesla | 300d6c69c0e497397e6aef2d2a098fbea72d5f1589d5c55111c3bd35efb69193 | Triage

Submit
Reports

Overview

overview

Static

static

3

300d6c69c0...93.exe

windows7-x64

300d6c69c0...93.exe

windows10-2004-x64

Sharing

General

Target

300d6c69c0e497397e6aef2d2a098fbea72d5f1589d5c55111c3bd35efb69193
Size

2.5MB
Sample

250112-bwcsza1mer
MD5

32f0763bac0065d935eeb2d239cb53fc
SHA1

b894ebdec9d4bcda45ebb08ea9f718250883a2bb
SHA256

300d6c69c0e497397e6aef2d2a098fbea72d5f1589d5c55111c3bd35efb69193
SHA512

ff31a9814d61638fb1278215fdc7ceaa9d6c89dcef94634ef22a12b7db1d9896efa58c11c01f09818fc9b54d5e1e3552a65f2b770c283dfe180aada7756f620d
SSDEEP

49152:NXORMzDisxk6tAxnrrRF24hjZMIznhDp+HMKchyLFLFKx3HclBQbUtRfC4FrYct2:NXORMzAnrrRF24hjZMIznhDv7yLFLFKt

Score

10^/10

agenttesla collection credential_access discovery keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

300d6c69c0e497397e6aef2d2a098fbea72d5f1589d5c55111c3bd35efb69193.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

300d6c69c0e497397e6aef2d2a098fbea72d5f1589d5c55111c3bd35efb69193.exe

Resource

win10v2004-20241007-en

agenttesla collection credential_access discovery keylogger spyware stealer trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot1611823422:AAE2tV5jSK2FOUbFQRNzZUsuQBkBGzgEX5U/sendDocument

Targets

- Target
  
  300d6c69c0e497397e6aef2d2a098fbea72d5f1589d5c55111c3bd35efb69193
- Size
  
  2.5MB
- MD5
  
  32f0763bac0065d935eeb2d239cb53fc
- SHA1
  
  b894ebdec9d4bcda45ebb08ea9f718250883a2bb
- SHA256
  
  300d6c69c0e497397e6aef2d2a098fbea72d5f1589d5c55111c3bd35efb69193
- SHA512
  
  ff31a9814d61638fb1278215fdc7ceaa9d6c89dcef94634ef22a12b7db1d9896efa58c11c01f09818fc9b54d5e1e3552a65f2b770c283dfe180aada7756f620d
- SSDEEP
  
  49152:NXORMzDisxk6tAxnrrRF24hjZMIznhDp+HMKchyLFLFKx3HclBQbUtRfC4FrYct2:NXORMzAnrrRF24hjZMIznhDv7yLFLFKt
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan collection credential_access
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- AgentTesla payload
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agentteslacollectioncredential_accessdiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy