agenttesla | d63fba06762403bbb8e5960cc88dbc040a72bbc8193257d6f0c98f0b9506e7ca | Triage

Submit
Reports

Overview

overview

Static

static

7

d63fba0676...ca.exe

windows7-x64

d63fba0676...ca.exe

windows10-2004-x64

Sharing

General

Target

d63fba06762403bbb8e5960cc88dbc040a72bbc8193257d6f0c98f0b9506e7ca
Size

918KB
Sample

240630-bwcg7svflm
MD5

9d2db88a4545106e4eb473b29245689d
SHA1

e495f0e9cfb5566b9f75ae8d9a7d9a65eddcd059
SHA256

d63fba06762403bbb8e5960cc88dbc040a72bbc8193257d6f0c98f0b9506e7ca
SHA512

40710dc46f012c001667ee5f40cdc5e1480cf5651685fbb7445b0ee0f59770e8ccb56e42060322e04b44bcb98b52dd698e1a0fee36b6e0ff2466b01df2a4af3a
SSDEEP

24576:Gur9gkEPGcHHX1OSr/cdzztAPxYAeAzp3RyZQTTqjLSu:hr9gNGKXhrgXtAPHzRR3TGjO

Score

10^/10

agenttesla keylogger spyware stealer trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

d63fba06762403bbb8e5960cc88dbc040a72bbc8193257d6f0c98f0b9506e7ca.exe

Resource

win7-20231129-en

agenttesla keylogger spyware stealer trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

d63fba06762403bbb8e5960cc88dbc040a72bbc8193257d6f0c98f0b9506e7ca.exe

Resource

win10v2004-20240611-en

agenttesla keylogger spyware stealer trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  d63fba06762403bbb8e5960cc88dbc040a72bbc8193257d6f0c98f0b9506e7ca
- Size
  
  918KB
- MD5
  
  9d2db88a4545106e4eb473b29245689d
- SHA1
  
  e495f0e9cfb5566b9f75ae8d9a7d9a65eddcd059
- SHA256
  
  d63fba06762403bbb8e5960cc88dbc040a72bbc8193257d6f0c98f0b9506e7ca
- SHA512
  
  40710dc46f012c001667ee5f40cdc5e1480cf5651685fbb7445b0ee0f59770e8ccb56e42060322e04b44bcb98b52dd698e1a0fee36b6e0ff2466b01df2a4af3a
- SSDEEP
  
  24576:Gur9gkEPGcHHX1OSr/cdzztAPxYAeAzp3RyZQTTqjLSu:hr9gNGKXhrgXtAPHzRR3TGjO
Score

10^/10

agenttesla keylogger spyware stealer trojan upx
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojanupx

behavioral2

agentteslakeyloggerspywarestealertrojanupx

© 2018-2024

Terms | Privacy