Malware Signature

The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with AgentTesla

Database Entry

Malware:AgentTesla
First seen:2017-02-02 02:22:06 UTC
Last seen:2022-06-30 00:56:20 UTC

Malware Samples

The table below documents all malware samples associated with this malware family.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2022-06-30 00:56:2030d6dbbf3251ef47c856e64254ee5601Virustotal results 28 / 68 (41.18%) AgentTesla62.197.136.167:1111
2022-01-25 08:56:53668cbb9d01d55ca7ec4e1a41d498ea34n/aAgentTesla195.133.18.32:8808
2022-01-25 08:56:53668cbb9d01d55ca7ec4e1a41d498ea34n/aAgentTesla195.133.18.32:8808
2021-09-12 09:31:35a8cfc3865dfee4ee96edd5e91cd846cfVirustotal results 45 / 68 (66.18%) AgentTesla178.200.180.146:10134
2021-07-24 06:44:16ecc4bce1a88bb738bc5da5f51546e442Virustotal results 35 / 69 (50.72%) AgentTesla193.32.219.170:10134
2021-07-24 06:44:16ecc4bce1a88bb738bc5da5f51546e442Virustotal results 35 / 69 (50.72%) AgentTesla193.32.219.170:10134
2021-07-12 15:57:14981eb6dbd0a4eb2e33f04b0ffac69944Virustotal results 30 / 68 (44.12%) AgentTesla3.137.146.78:777
2021-07-12 15:57:14981eb6dbd0a4eb2e33f04b0ffac69944Virustotal results 30 / 68 (44.12%) AgentTesla3.137.146.78:777
2021-04-23 08:30:006c733621e781d970c7cc32108a0ab622Virustotal results 43 / 69 (62.32%) AgentTesla18.224.135.48:1612
2021-04-23 08:30:006c733621e781d970c7cc32108a0ab622Virustotal results 43 / 69 (62.32%) AgentTesla18.224.135.48:1612
2021-03-31 05:03:34a428c6ab3d79e8d79395db1518d414b0Virustotal results 34 / 44 (77.27%) AgentTesla18.224.135.48:9933
2021-03-31 05:03:34a428c6ab3d79e8d79395db1518d414b0Virustotal results 34 / 44 (77.27%) AgentTesla18.224.135.48:9933
2021-03-30 00:25:50f66bcae24e1df34bcc2f15a24a646635Virustotal results 45 / 71 (63.38%) AgentTesla18.224.135.48:1
2021-03-30 00:25:50f66bcae24e1df34bcc2f15a24a646635Virustotal results 45 / 71 (63.38%) AgentTesla18.224.135.48:1
2021-03-27 21:23:23eb73feb8713fbcc20dd4a6861a4b89ban/aAgentTesla193.38.55.33:443
2021-03-27 21:23:23eb73feb8713fbcc20dd4a6861a4b89ban/aAgentTesla193.38.55.33:443
2021-03-25 15:11:44eac5db5e09667ff09e44a179d3837364Virustotal results 45 / 71 (63.38%) AgentTesla18.224.135.48:1
2021-03-25 15:11:44eac5db5e09667ff09e44a179d3837364Virustotal results 45 / 71 (63.38%) AgentTesla18.224.135.48:1
2021-03-25 05:37:01926e451b83fa2370e1baf49f75de7937Virustotal results 41 / 69 (59.42%) AgentTesla193.38.55.33:443
2021-03-25 05:37:01926e451b83fa2370e1baf49f75de7937Virustotal results 41 / 69 (59.42%) AgentTesla193.38.55.33:443
2021-03-24 10:42:12cc5b4def26c15ad19de9f6ae7028d0e3Virustotal results 51 / 69 (73.91%) AgentTesla18.224.135.48:2008
2021-03-24 10:42:12cc5b4def26c15ad19de9f6ae7028d0e3Virustotal results 51 / 69 (73.91%) AgentTesla18.224.135.48:2008
2021-03-11 23:29:43897a1239f1ccd07673a2197cd96d1e52Virustotal results 52 / 70 (74.29%) AgentTesla18.224.135.48:1612
2021-03-11 23:29:43897a1239f1ccd07673a2197cd96d1e52Virustotal results 52 / 70 (74.29%) AgentTesla18.224.135.48:1612
2021-02-24 10:25:58e11349b5c128629768646364a5f1274fVirustotal results 57 / 71 (80.28%) AgentTesla3.128.190.178:1222
2021-02-24 10:25:58e11349b5c128629768646364a5f1274fVirustotal results 57 / 71 (80.28%) AgentTesla3.128.190.178:1222
2020-11-11 18:19:45fa31c50188c560162f4901f8c168158dn/aAgentTesla37.120.208.36:49703
2020-11-11 18:19:45fa31c50188c560162f4901f8c168158dn/aAgentTesla37.120.208.36:49703
2020-08-04 06:36:36519841636c066a34094691787e5d6a1dn/aAgentTesla194.5.97.11:27031
2020-08-04 06:36:36519841636c066a34094691787e5d6a1dn/aAgentTesla194.5.97.11:27031
2020-07-16 06:37:088dc8dd6ff7a50bf1bdcdaeea069a4ae6n/aAgentTesla185.140.53.11:9845
2020-07-16 06:37:088dc8dd6ff7a50bf1bdcdaeea069a4ae6n/aAgentTesla185.140.53.11:9845
2020-07-09 01:09:00338fc5b0f469b1b2cdc2d1664b7b0eb5n/aAgentTesla79.134.225.111:7071
2020-07-09 01:09:00338fc5b0f469b1b2cdc2d1664b7b0eb5n/aAgentTesla79.134.225.111:7071
2020-03-05 21:16:045e01bc36aab882405b25f4695a91c0feVirustotal results 29 / 73 (39.73%) AgentTesla185.140.53.60:7071
2020-03-05 21:16:045e01bc36aab882405b25f4695a91c0feVirustotal results 29 / 73 (39.73%) AgentTesla185.140.53.60:7071
2019-10-10 10:35:252dec6e73433a62c6dc59684783117ff8n/aAgentTesla194.5.98.46:32765
2019-10-10 10:35:252dec6e73433a62c6dc59684783117ff8n/aAgentTesla194.5.98.46:32765
2019-10-08 07:53:00d22cf06370493f2ecc29ab7783d0da54Virustotal results 24/70 (34.29%) AgentTesla194.5.98.46:32765
2019-10-08 07:53:00d22cf06370493f2ecc29ab7783d0da54Virustotal results 24/70 (34.29%) AgentTesla194.5.98.46:32765
2019-10-05 07:57:16d2081e6fcd7b6b4a3d98992e6150faf3Virustotal results 35/66 (53.03%) AgentTesla194.5.98.46:32765
2019-10-05 07:57:16d2081e6fcd7b6b4a3d98992e6150faf3Virustotal results 35/66 (53.03%) AgentTesla194.5.98.46:32765
2019-10-04 04:25:0717c77107fdf35e095d06e55f35c8d7cdVirustotal results 28/68 (41.18%) AgentTesla194.5.98.46:32765
2019-10-04 04:25:0717c77107fdf35e095d06e55f35c8d7cdVirustotal results 28/68 (41.18%) AgentTesla194.5.98.46:32765
2019-09-27 10:11:377690413cc14bc8dbf7160d7f33a6a4c7Virustotal results 26/69 (37.68%) AgentTesla194.5.98.46:32765
2019-09-27 10:11:377690413cc14bc8dbf7160d7f33a6a4c7Virustotal results 26/69 (37.68%) AgentTesla194.5.98.46:32765
2019-09-26 08:30:22011e798c905da9094d814b52cd414eeaVirustotal results 33/70 (47.14%) AgentTesla194.5.98.46:32765
2019-09-26 08:30:22011e798c905da9094d814b52cd414eeaVirustotal results 33/70 (47.14%) AgentTesla194.5.98.46:32765
2019-09-26 05:47:306439a76ef780ba51f9f99c25d2be2b1aVirustotal results 38/70 (54.29%) AgentTesla194.5.98.46:32765
2019-09-26 05:47:306439a76ef780ba51f9f99c25d2be2b1aVirustotal results 38/70 (54.29%) AgentTesla194.5.98.46:32765
2019-09-25 08:00:43632c7066d2342c34000d3d42760f30d7Virustotal results 34/70 (48.57%) AgentTesla194.5.98.46:32765
2019-09-25 08:00:43632c7066d2342c34000d3d42760f30d7Virustotal results 34/70 (48.57%) AgentTesla194.5.98.46:32765
2019-09-13 11:16:19c384a146b46388b0973c7f91f12fa57bVirustotal results 21 / 70 (30.00%) AgentTesla79.134.225.72:1819
2019-09-13 11:16:19c384a146b46388b0973c7f91f12fa57bVirustotal results 21 / 70 (30.00%) AgentTesla79.134.225.72:1819
2019-09-05 00:32:10961cc035ed4135d8d0e1c09b23fbda96Virustotal results 47/68 (69.12%) AgentTesla79.134.225.72:1819
2019-09-05 00:32:10961cc035ed4135d8d0e1c09b23fbda96Virustotal results 47/68 (69.12%) AgentTesla79.134.225.72:1819
2019-07-17 06:20:04a70b7de3d49f7589b8c817aa01029243Virustotal results 33/71 (46.48%) AgentTesla186.138.152.228:449
2019-07-17 06:20:04a70b7de3d49f7589b8c817aa01029243Virustotal results 33/71 (46.48%) AgentTesla186.138.152.228:449
2019-07-13 17:27:23ec7b602a1961d3f1adff2b33388edd51Virustotal results 28/70 (40.00%) AgentTesla190.13.160.19:449
2019-07-13 17:27:23ec7b602a1961d3f1adff2b33388edd51Virustotal results 28/70 (40.00%) AgentTesla190.13.160.19:449
2018-12-02 10:41:311b2e5d5c7c9acebad10ec8c042eb6698n/aAgentTesla46.105.131.72:443
2018-12-02 10:41:311b2e5d5c7c9acebad10ec8c042eb6698n/aAgentTesla46.105.131.72:443
2018-12-02 00:30:41d2b2ec08f88ebebb0543e2e5497985f3n/aAgentTesla46.105.131.72:443
2018-12-02 00:30:41d2b2ec08f88ebebb0543e2e5497985f3n/aAgentTesla46.105.131.72:443
2018-11-27 16:08:070fa497c1a3603a4b629c26afb1e89869n/aAgentTesla83.166.247.211:443
2018-11-27 16:08:070fa497c1a3603a4b629c26afb1e89869n/aAgentTesla185.244.150.230:443
2018-11-27 16:08:070fa497c1a3603a4b629c26afb1e89869n/aAgentTesla172.106.33.46:443
2018-11-27 16:08:070fa497c1a3603a4b629c26afb1e89869n/aAgentTesla83.166.247.211:443
2018-11-27 16:08:070fa497c1a3603a4b629c26afb1e89869n/aAgentTesla185.244.150.230:443
2018-11-27 16:08:070fa497c1a3603a4b629c26afb1e89869n/aAgentTesla172.106.33.46:443
2018-11-19 09:08:17bd98f827d9ed54d1cdd6e3f29f4263c5Virustotal results 40/70 (57.14%) AgentTesla83.166.247.211:443
2018-11-19 09:08:17bd98f827d9ed54d1cdd6e3f29f4263c5Virustotal results 40/70 (57.14%) AgentTesla83.166.247.211:443
2018-11-18 18:44:221118a459712d48627a43bd6171fd725bn/aAgentTesla83.166.247.211:443
2018-11-18 18:44:221118a459712d48627a43bd6171fd725bn/aAgentTesla83.166.247.211:443
2018-11-07 18:21:22006f9afe8f7d391c55679e1837af9c34Virustotal results 43/65 (66.15%) AgentTesla46.105.131.72:443
2018-11-07 18:21:22006f9afe8f7d391c55679e1837af9c34Virustotal results 43/65 (66.15%) AgentTesla46.105.131.72:443
2018-10-23 20:48:460aaf0e876b3ecf638084a07d40ee8a78Virustotal results 39/68 (57.35%) AgentTesla46.105.131.72:443
2018-10-23 20:48:460aaf0e876b3ecf638084a07d40ee8a78Virustotal results 39/68 (57.35%) AgentTesla46.105.131.72:443
2018-10-21 05:21:49175c7553e234be23ab4d12d2b80d7653n/aAgentTesla46.105.131.72:443
2018-10-21 05:21:49175c7553e234be23ab4d12d2b80d7653n/aAgentTesla46.105.131.72:443
2018-10-19 04:47:4916f8c5563982b97116f73273e22cfc9bn/aAgentTesla46.105.131.72:443
2018-10-19 04:47:4916f8c5563982b97116f73273e22cfc9bn/aAgentTesla46.105.131.72:443
2018-10-09 17:48:3200db0660cb65cccc12dc3a3c36ea5396Virustotal results 38/68 (55.88%) AgentTesla46.105.131.72:443
2018-10-09 17:48:3200db0660cb65cccc12dc3a3c36ea5396Virustotal results 38/68 (55.88%) AgentTesla46.105.131.72:443
2018-08-06 14:19:4754ba7cb236593c52e4d700039776678bVirustotal results 24/61 (39.34%) AgentTesla94.142.138.211:443
2018-08-06 14:19:4754ba7cb236593c52e4d700039776678bVirustotal results 24/61 (39.34%) AgentTesla94.142.138.211:443
2018-05-15 06:31:577d51dc81204cf5baea91304d8cf20c16Virustotal results 27/66 (40.91%) AgentTesla185.174.175.14:443
2018-05-15 06:31:577d51dc81204cf5baea91304d8cf20c16Virustotal results 27/66 (40.91%) AgentTesla185.174.175.14:443
2017-03-17 13:45:2918ea0fd6924c6a9f0dd94b060722aeb6Virustotal results 32/62 (51.61%) AgentTesla52.38.159.164:443
2017-03-17 13:45:2918ea0fd6924c6a9f0dd94b060722aeb6Virustotal results 32/62 (51.61%) AgentTesla35.187.46.239:443
2017-03-17 13:45:2918ea0fd6924c6a9f0dd94b060722aeb6Virustotal results 32/62 (51.61%) AgentTesla52.38.159.164:443
2017-03-17 13:45:2918ea0fd6924c6a9f0dd94b060722aeb6Virustotal results 32/62 (51.61%) AgentTesla35.187.46.239:443
2017-02-02 02:22:0661cccc6aa57d6e55ece30be80f7afb97n/aAgentTesla52.33.54.94:443
2017-02-02 02:22:0661cccc6aa57d6e55ece30be80f7afb97n/aAgentTesla52.33.54.94:443