agenttesla | acba2aba05c54067a1837b23ede11edd44ae646f197e00285d0280681b3b2b2e | Triage

Submit
Reports

Overview

overview

Static

static

5

Nueva Orde...24.exe

windows7-x64

Sharing

General

Target

Orden de compra-password(Y6V1AmQz).zip
Size

1.3MB
Sample

250122-19el6aymfw
MD5

2d433124b3245738a6af87f789fd8598
SHA1

7c4b00c26810e614dc088fb23ad7dad1e65fb560
SHA256

acba2aba05c54067a1837b23ede11edd44ae646f197e00285d0280681b3b2b2e
SHA512

d1dfea0143d6008038d14555a9a3b3bc0df8623dc82ca4b7cf7d09a6898acbca07bfcbf6f941a21d0419040290c9a0e13c57ad00e279152003327b0aa1ee1a66
SSDEEP

24576:SBAgQ98DvTa8rmjBY71ZgiRe1kUidx5PgQiyUoLgbp7VTZ/QLKG/0GV:hirXp1ZhREiOluKp7VTJrY0GV

Score

10^/10

agenttesla discovery keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Nueva Orden de Compra 5424.exe

Resource

win7-20240903-en

agenttesla discovery keylogger spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.solucionesmexico.mx
Port:
21
Username:
[email protected]
Password:
dGG^ZYIxX5!B

Targets

- Target
  
  Nueva Orden de Compra 5424.exe
- Size
  
  1.3MB
- MD5
  
  70b62fe5c9f6a8bfccb0b2a4b8d45e84
- SHA1
  
  129d8ca1944bcf608fa12a032d254e7dc08c2cc7
- SHA256
  
  3c0c387ff08da55e2f2f8062bae3732ff7787a95aa8c6371482be5b9c719ef9e
- SHA512
  
  dcd7ef997cc75035340e68706094a0c118f1beccdcc5862c21a96458726b89b6fdb3f9563734630796bdd164e5f93dc0e61ccb27df27235c376c4e54ecbe6170
- SSDEEP
  
  24576:ctb20pkaCqT5TBWgNQ7aWQXC9PnTYBN9mSSsNcG6A:FVg5tQ7aWYBBBSA35
Score

10^/10

agenttesla discovery keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Agenttesla family
  agenttesla
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agenttesladiscoverykeyloggerspywarestealertrojan

© 2018-2025

Terms | Privacy