agenttesla | ae11457c1e56a184f1428c6fe375e0bac112ec4c09d93c4e87c6db6062bb8827 | Triage

Submit
Reports

Overview

overview

Static

static

5

Sigmanly_a...27.exe

windows7-x64

Sigmanly_a...27.exe

windows10-2004-x64

Sharing

General

Target

Sigmanly_ae11457c1e56a184f1428c6fe375e0bac112ec4c09d93c4e87c6db6062bb8827
Size

1.1MB
Sample

250113-vps16asmbr
MD5

55dadd9132a68cc9b383f8f09f7c19f3
SHA1

27cdd435e0f34fce604da69a2fb8b2398db5b8a7
SHA256

ae11457c1e56a184f1428c6fe375e0bac112ec4c09d93c4e87c6db6062bb8827
SHA512

553fb0f9a40a9a441a7cfd52f4069d863779fcbcd3027b72e405311119ae76443972a796c3ed02a47bbb47be0b4d9e88e0596f53176feb06fe67b69593653cbc
SSDEEP

12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLQNZ3tvML5eHaWBI81fSH/HTx71TxXW:ffmMv6Ckr7Mny5QLUVML5CdCDTxXFs

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Sigmanly_ae11457c1e56a184f1428c6fe375e0bac112ec4c09d93c4e87c6db6062bb8827.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Sigmanly_ae11457c1e56a184f1428c6fe375e0bac112ec4c09d93c4e87c6db6062bb8827.exe

Resource

win10v2004-20241007-en

agenttesla discovery keylogger spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://backup.smartape.ru
Port:
21
Username:
user894494
Password:
UPQxNeF0GUq5

Targets

- Target
  
  Sigmanly_ae11457c1e56a184f1428c6fe375e0bac112ec4c09d93c4e87c6db6062bb8827
- Size
  
  1.1MB
- MD5
  
  55dadd9132a68cc9b383f8f09f7c19f3
- SHA1
  
  27cdd435e0f34fce604da69a2fb8b2398db5b8a7
- SHA256
  
  ae11457c1e56a184f1428c6fe375e0bac112ec4c09d93c4e87c6db6062bb8827
- SHA512
  
  553fb0f9a40a9a441a7cfd52f4069d863779fcbcd3027b72e405311119ae76443972a796c3ed02a47bbb47be0b4d9e88e0596f53176feb06fe67b69593653cbc
- SSDEEP
  
  12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLQNZ3tvML5eHaWBI81fSH/HTx71TxXW:ffmMv6Ckr7Mny5QLUVML5CdCDTxXFs
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

behavioral2

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy