agenttesla | 664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff | Triage

Submit
Reports

Overview

overview

Static

static

5

664c0c690a...ff.exe

windows7-x64

664c0c690a...ff.exe

windows10-2004-x64

Sharing

General

Target

664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff.exe
Size

1.0MB
Sample

240705-br6v9a1fjc
MD5

6c10bc159358093f6e827b170bcddeda
SHA1

1e9109ffb469e5c1fa2535c74f50c6afb7f99d66
SHA256

664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff
SHA512

d2f781e2152b341e086573007cd06b18142be352a8470749526ec6c50da615989eef6c1313ff10b01d5f46a7c5691377f81cbd5d91ae0361f3a7a010c3c71b4d
SSDEEP

24576:kAHnh+eWsN3skA4RV1Hom2KXMmHaswyH8aNpmq5:zh+ZkldoPK8YasbNz

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff.exe

Resource

win7-20240419-en

agenttesla keylogger spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff.exe

Resource

win10v2004-20240704-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.pgsu.co.id
Port:
587
Username:
[email protected]
Password:
Vecls16@Vezs
Email To:
[email protected]

Targets

- Target
  
  664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff.exe
- Size
  
  1.0MB
- MD5
  
  6c10bc159358093f6e827b170bcddeda
- SHA1
  
  1e9109ffb469e5c1fa2535c74f50c6afb7f99d66
- SHA256
  
  664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff
- SHA512
  
  d2f781e2152b341e086573007cd06b18142be352a8470749526ec6c50da615989eef6c1313ff10b01d5f46a7c5691377f81cbd5d91ae0361f3a7a010c3c71b4d
- SSDEEP
  
  24576:kAHnh+eWsN3skA4RV1Hom2KXMmHaswyH8aNpmq5:zh+ZkldoPK8YasbNz
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy