Malware Signature

The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with AgentTesla

Database Entry

Malware:AgentTesla
First seen:2015-03-06 17:08:15 UTC
Last seen:2021-05-08 10:47:38 UTC

Malware Samples

The table below documents all malware samples associated with this malware family.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2021-04-23 08:30:006c733621e781d970c7cc32108a0ab622Virustotal results 43 / 69 (62.32%) AgentTesla18.224.135.48:1612
2021-03-31 05:03:34a428c6ab3d79e8d79395db1518d414b0Virustotal results 34 / 44 (77.27%) AgentTesla18.224.135.48:9933
2021-03-30 00:25:50f66bcae24e1df34bcc2f15a24a646635Virustotal results 45 / 71 (63.38%) AgentTesla18.224.135.48:1
2021-03-27 21:23:23eb73feb8713fbcc20dd4a6861a4b89ban/aAgentTesla193.38.55.33:443
2021-03-25 15:11:44eac5db5e09667ff09e44a179d3837364Virustotal results 45 / 71 (63.38%) AgentTesla18.224.135.48:1
2021-03-25 05:37:01926e451b83fa2370e1baf49f75de7937Virustotal results 41 / 69 (59.42%) AgentTesla193.38.55.33:443
2021-03-24 10:42:12cc5b4def26c15ad19de9f6ae7028d0e3Virustotal results 51 / 69 (73.91%) AgentTesla18.224.135.48:2008
2021-03-11 23:29:43897a1239f1ccd07673a2197cd96d1e52Virustotal results 52 / 70 (74.29%) AgentTesla18.224.135.48:1612
2021-03-06 21:58:024bb0b76bfc8d2713dc825b69d8e34702Virustotal results 32 / 70 (45.71%) AgentTesla18.223.156.62:4656
2021-02-28 04:04:559dcd489c5b13e01061ee52fa25f8ed19Virustotal results 55 / 71 (77.46%) AgentTesla3.128.190.178:7777
2021-02-26 22:49:048c64099d4842cf501e218708322065feVirustotal results 54 / 71 (76.06%) AgentTesla3.128.190.178:2403
2021-02-25 16:59:285765461796369a64a73734037897efa4Virustotal results 52 / 69 (75.36%) AgentTesla3.128.190.178:1488
2021-02-24 12:00:07f08d90bf740a2cbbc897d348f6d3bd3fVirustotal results 45 / 70 (64.29%) AgentTesla3.128.190.178:1604
2021-02-24 10:25:58e11349b5c128629768646364a5f1274fVirustotal results 57 / 71 (80.28%) AgentTesla3.128.190.178:1222
2020-11-11 18:19:45fa31c50188c560162f4901f8c168158dn/aAgentTesla37.120.208.36:49703
2020-08-04 06:36:36519841636c066a34094691787e5d6a1dn/aAgentTesla194.5.97.11:27031
2020-07-16 06:37:088dc8dd6ff7a50bf1bdcdaeea069a4ae6n/aAgentTesla185.140.53.11:9845
2020-07-09 01:09:00338fc5b0f469b1b2cdc2d1664b7b0eb5n/aAgentTesla79.134.225.111:7071
2020-06-04 03:04:25c652952cb75398575e938b114e93a29aVirustotal results 25 / 72 (34.72%) AgentTesla91.211.246.72:443
2020-03-05 21:16:045e01bc36aab882405b25f4695a91c0feVirustotal results 29 / 73 (39.73%) AgentTesla185.140.53.60:7071
2019-10-10 10:35:252dec6e73433a62c6dc59684783117ff8n/aAgentTesla194.5.98.46:32765
2019-10-08 07:53:00d22cf06370493f2ecc29ab7783d0da54n/aAgentTesla194.5.98.46:32765
2019-10-05 07:57:16d2081e6fcd7b6b4a3d98992e6150faf3n/aAgentTesla194.5.98.46:32765
2019-10-04 04:25:0717c77107fdf35e095d06e55f35c8d7cdn/aAgentTesla194.5.98.46:32765
2019-09-27 10:11:377690413cc14bc8dbf7160d7f33a6a4c7n/aAgentTesla194.5.98.46:32765
2019-09-26 08:30:22011e798c905da9094d814b52cd414eean/aAgentTesla194.5.98.46:32765
2019-09-26 05:47:306439a76ef780ba51f9f99c25d2be2b1an/aAgentTesla194.5.98.46:32765
2019-09-25 08:00:43632c7066d2342c34000d3d42760f30d7n/aAgentTesla194.5.98.46:32765
2019-09-13 11:16:19c384a146b46388b0973c7f91f12fa57bVirustotal results 21 / 70 (30.00%) AgentTesla79.134.225.72:1819
2019-09-05 00:32:10961cc035ed4135d8d0e1c09b23fbda96n/aAgentTesla79.134.225.72:1819
2019-06-25 13:41:28a927d8695db9223a9f770ddde2a11ac6Virustotal results 50/70 (71.43%) AgentTesla64.111.42.64:443
2019-06-21 20:43:2252ca2ea6892c0618a132c5c9e9bd24b4Virustotal results 50/70 (71.43%) AgentTesla64.111.42.64:443
2019-06-17 20:44:45e4223155853574541db76fcbb7b0abfeVirustotal results 51/70 (72.86%) AgentTesla64.111.42.64:443
2019-05-25 07:03:02c6c1202bd026fadb1463363a1fff2a69Virustotal results 51/68 (75.00%) AgentTesla64.111.42.64:443
2019-05-12 04:29:371d5e789b97baa4a5db7e99d83978f79eVirustotal results 52/71 (73.24%) AgentTesla64.111.42.64:443
2019-05-03 04:48:10e51c77dfcdeff073a1caf10ab98ab8d4Virustotal results 52/72 (72.22%) AgentTesla64.111.42.64:443
2019-04-20 05:00:46b8bbc59c65613a706e2754e7265d439aVirustotal results 50/69 (72.46%) AgentTesla64.111.42.64:443
2019-02-23 02:13:343484f5b4c11318e0e36e928d0b92dd8cVirustotal results 40/66 (60.61%) AgentTesla64.111.42.64:443
2018-12-02 00:30:41d2b2ec08f88ebebb0543e2e5497985f3n/aAgentTesla46.105.131.72:443
2018-11-19 09:08:17bd98f827d9ed54d1cdd6e3f29f4263c5n/aAgentTesla83.166.247.211:443
2018-08-28 15:24:24e29acf765c3fd18b87fcbda8de66adcbVirustotal results 48/68 (70.59%) AgentTesla37.57.144.177:443
2018-08-17 11:20:505a1911fae3dc2c3a17659de760678d9aVirustotal results 47/68 (69.12%) AgentTesla37.57.144.177:443
2018-08-08 04:47:4776f1791b5192fc1b860020875ba35cdcVirustotal results 48/68 (70.59%) AgentTesla37.57.144.177:443
2018-08-06 14:19:4754ba7cb236593c52e4d700039776678bVirustotal results 24/61 (39.34%) AgentTesla94.142.138.211:443
2018-06-06 10:13:49a71fbb16f47d85bc98e4d827f52231eeVirustotal results 55/68 (80.88%) AgentTesla64.111.42.64:443
2018-05-30 17:59:490768788211d854064f344f2fe0471addn/aAgentTesla37.57.144.177:443
2018-05-15 06:31:577d51dc81204cf5baea91304d8cf20c16Virustotal results 27/66 (40.91%) AgentTesla185.174.175.14:443
2018-04-10 16:09:56ed679e1935b66a61f53085c58833106fVirustotal results 51/66 (77.27%) AgentTesla67.221.195.6:443
2018-03-05 22:08:2705f65c241abd95222a39e467681b7cfbVirustotal results 52/58 (89.66%) AgentTesla67.221.195.6:443
2018-01-31 08:23:21a2f7b9f52a5b010374a73300ed03afadVirustotal results 51/65 (78.46%) AgentTesla67.221.195.6:443
2018-01-28 08:46:01a356d65b0c90a348f78cfdd3d81a4e64Virustotal results 54/65 (83.08%) AgentTesla64.111.42.64:443
2018-01-05 05:56:39a507ab8b8d87bb559fedfe3c259087ecVirustotal results 58/67 (86.57%) AgentTesla37.57.144.177:443
2017-12-19 03:58:49ca294efe94b7d73d211010a5c33f50e2Virustotal results 59/68 (86.76%) AgentTesla67.221.195.6:443
2017-12-12 14:12:35ced83d6fd4f18a87afbbbc4cef522117Virustotal results 57/68 (83.82%) AgentTesla67.221.195.6:443
2017-12-10 10:25:56a4c8fa4812e89b7eab4787a810cacae3Virustotal results 56/68 (82.35%) AgentTesla67.221.195.6:443
2017-10-26 09:59:08a4dadce3a28aa8cbde3b5d214962ef32Virustotal results 57/67 (85.07%) AgentTesla67.221.195.6:443
2017-08-24 14:35:48a64d3c0e27f01066ae3711377aedfe64Virustotal results 56/64 (87.50%) AgentTesla64.111.42.64:443
2017-06-17 13:06:36a0c98eab565003be4e195d96e29c643aVirustotal results 50/61 (81.97%) AgentTesla37.57.144.177:443
2017-04-02 18:16:44093b15ceaa12c0ae1862004eaab03fd8Virustotal results 52/62 (83.87%) AgentTesla37.57.144.177:443
2017-04-02 17:19:23a5686c3cb5a350c7cfea55032449734aVirustotal results 50/62 (80.65%) AgentTesla67.221.195.6:443
2017-03-29 08:31:5522e76f6d6a41daaf5b587e5e084a7ee1Virustotal results 49/61 (80.33%) AgentTesla64.111.42.64:443
2017-03-28 18:18:18a429214710eaa34952fba516bc4254cfVirustotal results 54/62 (87.10%) AgentTesla37.57.144.177:443
2017-03-24 00:39:51b2a95548e6d6b836c516655f1069c4c0Virustotal results 51/61 (83.61%) AgentTesla37.57.144.177:443
2017-03-23 23:58:29b1033d7ed43be12909daf5fb4214bd63Virustotal results 54/62 (87.10%) AgentTesla64.111.42.64:443
2017-03-23 21:37:06a4640af6c6b8009c9dd43f5429dd66c2Virustotal results 51/62 (82.26%) AgentTesla37.57.144.177:443
2017-03-23 04:36:213c16f7c2db9c935b3a5c119e705f198cVirustotal results 53/62 (85.48%) AgentTesla64.111.42.64:443
2017-03-22 04:10:0280d16b517a92eaef00ddbb7f9b02949bVirustotal results 51/62 (82.26%) AgentTesla37.57.144.177:443
2017-03-20 14:55:51a04e8570d16563fea122084dbd868c93Virustotal results 54/62 (87.10%) AgentTesla64.111.42.64:443
2017-03-19 07:01:24b4f3017b71cf48fb22c7606923c537e3Virustotal results 52/62 (83.87%) AgentTesla37.57.144.177:443
2017-03-17 13:45:2918ea0fd6924c6a9f0dd94b060722aeb6Virustotal results 32/62 (51.61%) AgentTesla35.187.46.239:443
2017-03-17 13:45:2918ea0fd6924c6a9f0dd94b060722aeb6Virustotal results 32/62 (51.61%) AgentTesla52.38.159.164:443
2017-03-08 09:53:56b74731b617b9d5a04db436e249198a58Virustotal results 49/58 (84.48%) AgentTesla67.221.195.6:443
2017-03-08 08:39:14a33fdd3644842673df2932c88e14f835Virustotal results 49/59 (83.05%) AgentTesla37.57.144.177:443
2017-02-05 20:06:10a06a0058569dab3ce6a9ba7ea157dc2dVirustotal results 45/55 (81.82%) AgentTesla37.57.144.177:443
2017-02-05 03:37:09f5f034faf1ca88076afa206df1591a90Virustotal results 47/57 (82.46%) AgentTesla37.57.144.177:443
2017-02-02 12:05:58a04815338fc4e22556a59456a4b1783fVirustotal results 47/56 (83.93%) AgentTesla37.57.144.177:443
2017-02-02 02:22:0661cccc6aa57d6e55ece30be80f7afb97n/aAgentTesla52.33.54.94:443
2016-12-31 05:23:56a796dfb68f5b386977c83b7e47862f34Virustotal results 46/55 (83.64%) AgentTesla64.111.42.64:443
2016-12-24 19:06:43a55b771f1bc52ff327297c8bc245f7edVirustotal results 45/55 (81.82%) AgentTesla37.57.144.177:443
2016-12-11 07:35:21f7e7eda127adfea7157d7d615cb384c8Virustotal results 47/57 (82.46%) AgentTesla64.111.42.64:443
2016-11-25 18:29:42a3096769903b9350a3828c141413214dVirustotal results 47/57 (82.46%) AgentTesla64.111.42.64:443
2016-10-02 18:46:20a5a10cda91471b629d44248abf3d9c7dVirustotal results 48/57 (84.21%) AgentTesla64.111.42.64:443
2016-09-22 10:02:1569149f0f61ed5a7709cfac78995deea9Virustotal results 45/57 (78.95%) AgentTesla37.57.144.177:443
2016-09-07 07:43:31a4ea59bac0aea232c89c3f428fe96946Virustotal results 47/58 (81.03%) AgentTesla37.57.144.177:443
2016-08-17 21:24:47a04f751921937ac4c125350d3d7329edVirustotal results 46/56 (82.14%) AgentTesla37.57.144.177:443
2016-08-06 04:22:34a50d002162412d2a2f0319c9b856c5f4Virustotal results 46/55 (83.64%) AgentTesla37.57.144.177:443
2016-07-26 18:37:22a13691b31b1337a731392c5fdf2b5572Virustotal results 46/54 (85.19%) AgentTesla64.111.42.64:443
2016-06-27 09:23:22a500e37c88a2039be2265580120de22dVirustotal results 47/55 (85.45%) AgentTesla37.57.144.177:443
2016-06-21 11:02:14bd53f3005050dd3828ce1b215c3e9d57Virustotal results 46/55 (83.64%) AgentTesla37.57.144.177:443
2016-05-28 20:09:45b52dd041e3a963b2710d973663a3faf6Virustotal results 47/57 (82.46%) AgentTesla37.57.144.177:443
2016-05-25 10:35:25b362fa78ee1a3913799e2326289cb19dVirustotal results 49/57 (85.96%) AgentTesla64.111.42.64:443
2016-05-08 03:28:52d38c5ee37bf3c241861a4aea2a170041Virustotal results 47/56 (83.93%) AgentTesla37.57.144.177:443
2016-05-02 10:23:51d269748dd15718f39034e0e0f80fc97fVirustotal results 48/57 (84.21%) AgentTesla188.255.243.105:443
2016-04-29 21:28:44e6c3dbd29f1568a6f6e6887f9a8d5c42Virustotal results 48/57 (84.21%) AgentTesla24.220.92.193:443
2016-04-25 11:44:30dfd305519873027e384f49e3e9657831Virustotal results 47/57 (82.46%) AgentTesla188.255.243.105:443
2016-04-07 02:37:12a719fdedc540fede2bca64b7009ea6dbVirustotal results 48/57 (84.21%) AgentTesla188.255.243.105:443
2016-04-06 00:42:03a072a73f3b15c574e4e2a61cf3600f59Virustotal results 44/56 (78.57%) AgentTesla217.168.210.122:443
2016-02-12 18:56:39a44983eef58deb93d832b1c195e9075aVirustotal results 44/55 (80.00%) AgentTesla64.111.36.52:443
2016-02-10 16:09:0909c7d3343b1634e8306f744761bc579dVirustotal results 44/54 (81.48%) AgentTesla176.36.251.208:443
2015-10-07 07:09:13a17845a94bd09014d996f5b670096989Virustotal results 43/57 (75.44%) AgentTesla68.70.242.203:443
2015-10-07 07:09:13a17845a94bd09014d996f5b670096989Virustotal results 43/57 (75.44%) AgentTesla173.216.247.74:443
2015-10-07 07:09:13a17845a94bd09014d996f5b670096989Virustotal results 43/57 (75.44%) AgentTesla37.57.144.177:443
2015-10-07 07:09:13a17845a94bd09014d996f5b670096989Virustotal results 43/57 (75.44%) AgentTesla217.168.210.122:443
2015-10-01 22:24:360330e14ef2e17718bad0fbb1ff9e5a39Virustotal results 38/56 (67.86%) AgentTesla188.255.236.184:443
2015-10-01 22:24:360330e14ef2e17718bad0fbb1ff9e5a39Virustotal results 38/56 (67.86%) AgentTesla24.33.131.116:443
2015-09-28 17:22:55901e6ea72989df62c1331579515da392Virustotal results 44/57 (77.19%) AgentTesla188.255.236.184:443
2015-09-28 17:22:55901e6ea72989df62c1331579515da392Virustotal results 44/57 (77.19%) AgentTesla67.207.229.215:443
2015-09-28 17:22:55901e6ea72989df62c1331579515da392Virustotal results 44/57 (77.19%) AgentTesla68.70.242.203:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla87.249.142.189:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla77.48.30.156:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla72.230.82.80:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla67.221.195.6:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla65.33.236.173:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla69.9.204.114:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla85.135.104.170:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla24.33.131.116:443
2015-09-26 04:29:25188fe85aba9ac9780871ede4cc6c63b4Virustotal results 35/57 (61.40%) AgentTesla24.220.92.193:443
2015-09-22 13:32:23009ed0f89c473576342e645f6e9483a7n/aAgentTesla68.70.242.203:443
2015-09-22 13:32:23009ed0f89c473576342e645f6e9483a7n/aAgentTesla208.117.68.78:443
2015-09-22 13:32:23009ed0f89c473576342e645f6e9483a7n/aAgentTesla63.248.156.246:443
2015-09-22 13:32:23009ed0f89c473576342e645f6e9483a7n/aAgentTesla64.111.36.52:443
2015-09-22 13:32:23009ed0f89c473576342e645f6e9483a7n/aAgentTesla188.255.243.105:443
2015-09-22 13:32:23009ed0f89c473576342e645f6e9483a7n/aAgentTesla85.135.104.170:443
2015-09-07 10:46:0904011ebd31738d924b9398f6e31627f7Virustotal results 32/57 (56.14%) AgentTesla24.33.131.116:443
2015-08-23 19:46:188478ab80b977e57db5885ac16b97c2d5Virustotal results 35/57 (61.40%) AgentTesla68.55.59.145:443
2015-08-23 19:46:188478ab80b977e57db5885ac16b97c2d5Virustotal results 35/57 (61.40%) AgentTesla31.170.85.128:4443
2015-08-23 19:46:188478ab80b977e57db5885ac16b97c2d5Virustotal results 35/57 (61.40%) AgentTesla31.170.85.128:4443
2015-08-23 19:46:188478ab80b977e57db5885ac16b97c2d5Virustotal results 35/57 (61.40%) AgentTesla87.249.142.189:443
2015-08-20 21:31:352e83a83b732552d0c44c5a2315186d33Virustotal results 38/56 (67.86%) AgentTesla37.57.144.177:443
2015-08-20 21:31:352e83a83b732552d0c44c5a2315186d33Virustotal results 38/56 (67.86%) AgentTesla87.249.142.189:443
2015-08-20 21:31:352e83a83b732552d0c44c5a2315186d33Virustotal results 38/56 (67.86%) AgentTesla67.221.195.53:4443
2015-08-20 21:31:352e83a83b732552d0c44c5a2315186d33Virustotal results 38/56 (67.86%) AgentTesla68.55.59.145:443
2015-08-20 21:31:352e83a83b732552d0c44c5a2315186d33Virustotal results 38/56 (67.86%) AgentTesla37.57.144.177:443
2015-08-19 20:19:028db282e2503676037637714c3768debdVirustotal results 32/56 (57.14%) AgentTesla173.248.31.6:443
2015-08-17 11:27:0150d97e66faad9006234253d75e9b9fe7n/aAgentTesla209.40.238.170:443
2015-08-17 11:27:0150d97e66faad9006234253d75e9b9fe7n/aAgentTesla93.91.154.243:443
2015-08-16 19:51:1453295c5c2a9bb9e409dee6c8c6dd01cbVirustotal results 32/56 (57.14%) AgentTesla87.249.142.189:443
2015-08-14 14:13:344f409163e6f9b648e4eec240afc74cd0Virustotal results 29/56 (51.79%) AgentTesla173.248.31.6:443
2015-08-14 14:13:344f409163e6f9b648e4eec240afc74cd0Virustotal results 29/56 (51.79%) AgentTesla209.193.76.194:443
2015-08-14 13:46:22487b4a2fcf701c38193fcaa7ccdf48a6Virustotal results 29/56 (51.79%) AgentTesla173.216.247.74:443
2015-08-14 13:08:4676a41bd17b7f4c792c300aa76dd46287Virustotal results 42/53 (79.25%) AgentTesla98.181.17.39:443
2015-08-14 09:57:44815e416378314c046126809f8eb58a21n/aAgentTesla24.33.131.116:443
2015-08-14 09:57:44815e416378314c046126809f8eb58a21n/aAgentTesla69.9.204.31:443
2015-05-19 17:31:33afc18fd19b538d1818f039dfe60e500dVirustotal results 35/57 (61.40%) AgentTesla79.101.42.247:443
2015-05-19 17:31:33afc18fd19b538d1818f039dfe60e500dVirustotal results 35/57 (61.40%) AgentTesla95.181.53.78:443
2015-03-18 01:37:4531aef28651e46817ee13813e48046614Virustotal results 40/57 (70.18%) AgentTesla62.122.69.172:4443
2015-03-18 01:37:4531aef28651e46817ee13813e48046614Virustotal results 40/57 (70.18%) AgentTesla212.56.214.203:443
2015-03-06 17:08:1507f67c004e2334fc80193445db1130b6Virustotal results 8/57 (14.04%) AgentTesla31.131.142.226:4443
2015-03-06 17:08:1507f67c004e2334fc80193445db1130b6Virustotal results 8/57 (14.04%) AgentTesla31.131.142.226:4443