agenttesla | ee262364ef33326ce4d145a1bc920ded3750d2d73596c623962080b58084de1d | Triage

Submit
Reports

Overview

overview

Static

static

Shipping D...ts.exe

windows7_x64

Shipping D...ts.exe

windows10_x64

3

Sharing

General

Target

Shipping Documents.exe
Size

783KB
Sample

200731-y7nqcxk97s
MD5

e5bde8a869853246fcb3e03f8549745b
SHA1

e615e5d128153806519a2d7e500dc3f15a72aaed
SHA256

ee262364ef33326ce4d145a1bc920ded3750d2d73596c623962080b58084de1d
SHA512

eb646865c32e2882d9ef11f9dd4ccc4c794ffe4e714ecdc7a74d7f738425b0b0e4637a4f5cc9d2a8a5ea1b7ed673eb11656dffcb5e758641b463d5d52ca76536

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Shipping Documents.exe

Resource

win7v200722

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Shipping Documents.exe

Resource

win10v200722

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
gamzyolowo@yandex.com
Password:
chikaaka1

Targets

- Target
  
  Shipping Documents.exe
- Size
  
  783KB
- MD5
  
  e5bde8a869853246fcb3e03f8549745b
- SHA1
  
  e615e5d128153806519a2d7e500dc3f15a72aaed
- SHA256
  
  ee262364ef33326ce4d145a1bc920ded3750d2d73596c623962080b58084de1d
- SHA512
  
  eb646865c32e2882d9ef11f9dd4ccc4c794ffe4e714ecdc7a74d7f738425b0b0e4637a4f5cc9d2a8a5ea1b7ed673eb11656dffcb5e758641b463d5d52ca76536
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

© 2018-2024

Terms | Privacy