agenttesla | b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87 | Triage

Submit
Reports

Overview

overview

Static

static

5

b7dcd52295...cs.exe

windows7-x64

b7dcd52295...cs.exe

windows10-2004-x64

Sharing

General

Target

b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87_NeikiAnalytics.exe
Size

1.1MB
Sample

240629-xjmnaswhnj
MD5

bea1e7c2506fd615e692cde2aab07fc0
SHA1

8cffbe78c52071c3d483ff274089f3c03a72de50
SHA256

b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87
SHA512

762164828dc431f6b09414c5ad1cbb7748c97864cd82b82f67e622b4ab2ab52073522a85db3dc25152434a34ca6e57a500d14d823a9278cd372fcc14993fc846
SSDEEP

24576:UAHnh+eWsN3skA4RV1Hom2KXMmHayZ9GnTOrQAA4bXV5:jh+ZkldoPK8YayfGnTYQAX

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87_NeikiAnalytics.exe

Resource

win7-20240221-en

agenttesla keylogger spyware stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87_NeikiAnalytics.exe

Resource

win10v2004-20240226-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
cp8nl.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
vqpF.#QRT234
Email To:
[email protected]

Targets

- Target
  
  b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87_NeikiAnalytics.exe
- Size
  
  1.1MB
- MD5
  
  bea1e7c2506fd615e692cde2aab07fc0
- SHA1
  
  8cffbe78c52071c3d483ff274089f3c03a72de50
- SHA256
  
  b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87
- SHA512
  
  762164828dc431f6b09414c5ad1cbb7748c97864cd82b82f67e622b4ab2ab52073522a85db3dc25152434a34ca6e57a500d14d823a9278cd372fcc14993fc846
- SSDEEP
  
  24576:UAHnh+eWsN3skA4RV1Hom2KXMmHayZ9GnTOrQAA4bXV5:jh+ZkldoPK8YayfGnTYQAX
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy