Malware Signature
The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with AgentTesla
Database Entry
| Malware: | AgentTesla |
|---|---|
| First seen: | 2015-03-06 17:08:15 UTC |
| Last seen: | 2019-12-06 07:14:35 UTC |
Malware Samples
The table below documents all malware samples associated with this malware family.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2019-10-10 10:35:25 | 2dec6e73433a62c6dc59684783117ff8 | n/a | AgentTesla | 194.5.98.46:32765 |
| 2019-10-08 07:53:00 | d22cf06370493f2ecc29ab7783d0da54 | n/a | AgentTesla | 194.5.98.46:32765 |
| 2019-10-05 07:57:16 | d2081e6fcd7b6b4a3d98992e6150faf3 | n/a | AgentTesla | 194.5.98.46:32765 |
| 2019-10-04 04:25:07 | 17c77107fdf35e095d06e55f35c8d7cd | n/a | AgentTesla | 194.5.98.46:32765 |
| 2019-09-27 10:11:37 | 7690413cc14bc8dbf7160d7f33a6a4c7 | n/a | AgentTesla | 194.5.98.46:32765 |
| 2019-09-26 08:30:22 | 011e798c905da9094d814b52cd414eea | n/a | AgentTesla | 194.5.98.46:32765 |
| 2019-09-26 05:47:30 | 6439a76ef780ba51f9f99c25d2be2b1a | n/a | AgentTesla | 194.5.98.46:32765 |
| 2019-09-25 08:00:43 | 632c7066d2342c34000d3d42760f30d7 | n/a | AgentTesla | 194.5.98.46:32765 |
| 2019-09-13 11:16:19 | c384a146b46388b0973c7f91f12fa57b |  21 / 70 (30.00%)
| AgentTesla | 79.134.225.72:1819 |
| 2019-09-05 00:32:10 | 961cc035ed4135d8d0e1c09b23fbda96 | n/a | AgentTesla | 79.134.225.72:1819 |
| 2019-06-25 13:41:28 | a927d8695db9223a9f770ddde2a11ac6 | 50/70 (71.43%)
| AgentTesla | 64.111.42.64:443 |
| 2019-06-21 20:43:22 | 52ca2ea6892c0618a132c5c9e9bd24b4 | 50/70 (71.43%)
| AgentTesla | 64.111.42.64:443 |
| 2019-06-17 20:44:45 | e4223155853574541db76fcbb7b0abfe | 51/70 (72.86%)
| AgentTesla | 64.111.42.64:443 |
| 2019-05-25 07:03:02 | c6c1202bd026fadb1463363a1fff2a69 | 51/68 (75.00%)
| AgentTesla | 64.111.42.64:443 |
| 2019-05-12 04:29:37 | 1d5e789b97baa4a5db7e99d83978f79e | 52/71 (73.24%)
| AgentTesla | 64.111.42.64:443 |
| 2019-05-03 04:48:10 | e51c77dfcdeff073a1caf10ab98ab8d4 | 52/72 (72.22%)
| AgentTesla | 64.111.42.64:443 |
| 2019-04-20 05:00:46 | b8bbc59c65613a706e2754e7265d439a | 50/69 (72.46%)
| AgentTesla | 64.111.42.64:443 |
| 2019-02-23 02:13:34 | 3484f5b4c11318e0e36e928d0b92dd8c | 40/66 (60.61%)
| AgentTesla | 64.111.42.64:443 |
| 2018-12-02 00:30:41 | d2b2ec08f88ebebb0543e2e5497985f3 | n/a | AgentTesla | 46.105.131.72:443 |
| 2018-11-19 09:08:17 | bd98f827d9ed54d1cdd6e3f29f4263c5 | n/a | AgentTesla | 83.166.247.211:443 |
| 2018-08-28 15:24:24 | e29acf765c3fd18b87fcbda8de66adcb | 48/68 (70.59%)
| AgentTesla | 37.57.144.177:443 |
| 2018-08-17 11:20:50 | 5a1911fae3dc2c3a17659de760678d9a | 47/68 (69.12%)
| AgentTesla | 37.57.144.177:443 |
| 2018-08-08 04:47:47 | 76f1791b5192fc1b860020875ba35cdc | 48/68 (70.59%)
| AgentTesla | 37.57.144.177:443 |
| 2018-08-06 14:19:47 | 54ba7cb236593c52e4d700039776678b | 24/61 (39.34%)
| AgentTesla | 94.142.138.211:443 |
| 2018-06-06 10:13:49 | a71fbb16f47d85bc98e4d827f52231ee | 55/68 (80.88%)
| AgentTesla | 64.111.42.64:443 |
| 2018-05-30 17:59:49 | 0768788211d854064f344f2fe0471add | n/a | AgentTesla | 37.57.144.177:443 |
| 2018-05-15 06:31:57 | 7d51dc81204cf5baea91304d8cf20c16 | 27/66 (40.91%)
| AgentTesla | 185.174.175.14:443 |
| 2018-04-10 16:09:56 | ed679e1935b66a61f53085c58833106f | 51/66 (77.27%)
| AgentTesla | 67.221.195.6:443 |
| 2018-03-05 22:08:27 | 05f65c241abd95222a39e467681b7cfb | 52/58 (89.66%)
| AgentTesla | 67.221.195.6:443 |
| 2018-01-31 08:23:21 | a2f7b9f52a5b010374a73300ed03afad | 51/65 (78.46%)
| AgentTesla | 67.221.195.6:443 |
| 2018-01-28 08:46:01 | a356d65b0c90a348f78cfdd3d81a4e64 | 54/65 (83.08%)
| AgentTesla | 64.111.42.64:443 |
| 2018-01-05 05:56:39 | a507ab8b8d87bb559fedfe3c259087ec | 58/67 (86.57%)
| AgentTesla | 37.57.144.177:443 |
| 2017-12-19 03:58:49 | ca294efe94b7d73d211010a5c33f50e2 | 59/68 (86.76%)
| AgentTesla | 67.221.195.6:443 |
| 2017-12-12 14:12:35 | ced83d6fd4f18a87afbbbc4cef522117 | 57/68 (83.82%)
| AgentTesla | 67.221.195.6:443 |
| 2017-12-10 10:25:56 | a4c8fa4812e89b7eab4787a810cacae3 | 56/68 (82.35%)
| AgentTesla | 67.221.195.6:443 |
| 2017-10-26 09:59:08 | a4dadce3a28aa8cbde3b5d214962ef32 | 57/67 (85.07%)
| AgentTesla | 67.221.195.6:443 |
| 2017-08-24 14:35:48 | a64d3c0e27f01066ae3711377aedfe64 | 56/64 (87.50%)
| AgentTesla | 64.111.42.64:443 |
| 2017-06-17 13:06:36 | a0c98eab565003be4e195d96e29c643a | 50/61 (81.97%)
| AgentTesla | 37.57.144.177:443 |
| 2017-04-02 18:16:44 | 093b15ceaa12c0ae1862004eaab03fd8 | 52/62 (83.87%)
| AgentTesla | 37.57.144.177:443 |
| 2017-04-02 17:19:23 | a5686c3cb5a350c7cfea55032449734a | 50/62 (80.65%)
| AgentTesla | 67.221.195.6:443 |
| 2017-03-29 08:31:55 | 22e76f6d6a41daaf5b587e5e084a7ee1 | 49/61 (80.33%)
| AgentTesla | 64.111.42.64:443 |
| 2017-03-28 18:18:18 | a429214710eaa34952fba516bc4254cf | 54/62 (87.10%)
| AgentTesla | 37.57.144.177:443 |
| 2017-03-24 00:39:51 | b2a95548e6d6b836c516655f1069c4c0 | 51/61 (83.61%)
| AgentTesla | 37.57.144.177:443 |
| 2017-03-23 23:58:29 | b1033d7ed43be12909daf5fb4214bd63 | 54/62 (87.10%)
| AgentTesla | 64.111.42.64:443 |
| 2017-03-23 21:37:06 | a4640af6c6b8009c9dd43f5429dd66c2 | 51/62 (82.26%)
| AgentTesla | 37.57.144.177:443 |
| 2017-03-23 04:36:21 | 3c16f7c2db9c935b3a5c119e705f198c | 53/62 (85.48%)
| AgentTesla | 64.111.42.64:443 |
| 2017-03-22 04:10:02 | 80d16b517a92eaef00ddbb7f9b02949b | 51/62 (82.26%)
| AgentTesla | 37.57.144.177:443 |
| 2017-03-20 14:55:51 | a04e8570d16563fea122084dbd868c93 | 54/62 (87.10%)
| AgentTesla | 64.111.42.64:443 |
| 2017-03-19 07:01:24 | b4f3017b71cf48fb22c7606923c537e3 | 52/62 (83.87%)
| AgentTesla | 37.57.144.177:443 |
| 2017-03-17 13:45:29 | 18ea0fd6924c6a9f0dd94b060722aeb6 | 32/62 (51.61%)
| AgentTesla | 52.38.159.164:443 |
| 2017-03-17 13:45:29 | 18ea0fd6924c6a9f0dd94b060722aeb6 | 32/62 (51.61%)
| AgentTesla | 35.187.46.239:443 |
| 2017-03-08 09:53:56 | b74731b617b9d5a04db436e249198a58 | 49/58 (84.48%)
| AgentTesla | 67.221.195.6:443 |
| 2017-03-08 08:39:14 | a33fdd3644842673df2932c88e14f835 | 49/59 (83.05%)
| AgentTesla | 37.57.144.177:443 |
| 2017-02-05 20:06:10 | a06a0058569dab3ce6a9ba7ea157dc2d | 45/55 (81.82%)
| AgentTesla | 37.57.144.177:443 |
| 2017-02-05 03:37:09 | f5f034faf1ca88076afa206df1591a90 | 47/57 (82.46%)
| AgentTesla | 37.57.144.177:443 |
| 2017-02-02 12:05:58 | a04815338fc4e22556a59456a4b1783f | 47/56 (83.93%)
| AgentTesla | 37.57.144.177:443 |
| 2017-02-02 02:22:06 | 61cccc6aa57d6e55ece30be80f7afb97 | n/a | AgentTesla | 52.33.54.94:443 |
| 2016-12-31 05:23:56 | a796dfb68f5b386977c83b7e47862f34 | 46/55 (83.64%)
| AgentTesla | 64.111.42.64:443 |
| 2016-12-24 19:06:43 | a55b771f1bc52ff327297c8bc245f7ed | 45/55 (81.82%)
| AgentTesla | 37.57.144.177:443 |
| 2016-12-11 07:35:21 | f7e7eda127adfea7157d7d615cb384c8 | 47/57 (82.46%)
| AgentTesla | 64.111.42.64:443 |
| 2016-11-25 18:29:42 | a3096769903b9350a3828c141413214d | 47/57 (82.46%)
| AgentTesla | 64.111.42.64:443 |
| 2016-10-02 18:46:20 | a5a10cda91471b629d44248abf3d9c7d | 48/57 (84.21%)
| AgentTesla | 64.111.42.64:443 |
| 2016-09-22 10:02:15 | 69149f0f61ed5a7709cfac78995deea9 | 45/57 (78.95%)
| AgentTesla | 37.57.144.177:443 |
| 2016-09-07 07:43:31 | a4ea59bac0aea232c89c3f428fe96946 | 47/58 (81.03%)
| AgentTesla | 37.57.144.177:443 |
| 2016-08-17 21:24:47 | a04f751921937ac4c125350d3d7329ed | 46/56 (82.14%)
| AgentTesla | 37.57.144.177:443 |
| 2016-08-06 04:22:34 | a50d002162412d2a2f0319c9b856c5f4 | 46/55 (83.64%)
| AgentTesla | 37.57.144.177:443 |
| 2016-07-26 18:37:22 | a13691b31b1337a731392c5fdf2b5572 | 46/54 (85.19%)
| AgentTesla | 64.111.42.64:443 |
| 2016-06-27 09:23:22 | a500e37c88a2039be2265580120de22d | 47/55 (85.45%)
| AgentTesla | 37.57.144.177:443 |
| 2016-06-21 11:02:14 | bd53f3005050dd3828ce1b215c3e9d57 | 46/55 (83.64%)
| AgentTesla | 37.57.144.177:443 |
| 2016-05-28 20:09:45 | b52dd041e3a963b2710d973663a3faf6 | 47/57 (82.46%)
| AgentTesla | 37.57.144.177:443 |
| 2016-05-25 10:35:25 | b362fa78ee1a3913799e2326289cb19d | 49/57 (85.96%)
| AgentTesla | 64.111.42.64:443 |
| 2016-05-08 03:28:52 | d38c5ee37bf3c241861a4aea2a170041 | 47/56 (83.93%)
| AgentTesla | 37.57.144.177:443 |
| 2016-05-02 10:23:51 | d269748dd15718f39034e0e0f80fc97f | 48/57 (84.21%)
| AgentTesla | 188.255.243.105:443 |
| 2016-04-29 21:28:44 | e6c3dbd29f1568a6f6e6887f9a8d5c42 | 48/57 (84.21%)
| AgentTesla | 24.220.92.193:443 |
| 2016-04-25 11:44:30 | dfd305519873027e384f49e3e9657831 | 47/57 (82.46%)
| AgentTesla | 188.255.243.105:443 |
| 2016-04-07 02:37:12 | a719fdedc540fede2bca64b7009ea6db | 48/57 (84.21%)
| AgentTesla | 188.255.243.105:443 |
| 2016-04-06 00:42:03 | a072a73f3b15c574e4e2a61cf3600f59 | 44/56 (78.57%)
| AgentTesla | 217.168.210.122:443 |
| 2016-02-12 18:56:39 | a44983eef58deb93d832b1c195e9075a | 44/55 (80.00%)
| AgentTesla | 64.111.36.52:443 |
| 2016-02-10 16:09:09 | 09c7d3343b1634e8306f744761bc579d | 44/54 (81.48%)
| AgentTesla | 176.36.251.208:443 |
| 2015-10-07 07:09:13 | a17845a94bd09014d996f5b670096989 | 43/57 (75.44%)
| AgentTesla | 68.70.242.203:443 |
| 2015-10-07 07:09:13 | a17845a94bd09014d996f5b670096989 | 43/57 (75.44%)
| AgentTesla | 173.216.247.74:443 |
| 2015-10-07 07:09:13 | a17845a94bd09014d996f5b670096989 | 43/57 (75.44%)
| AgentTesla | 37.57.144.177:443 |
| 2015-10-07 07:09:13 | a17845a94bd09014d996f5b670096989 | 43/57 (75.44%)
| AgentTesla | 217.168.210.122:443 |
| 2015-10-01 22:24:36 | 0330e14ef2e17718bad0fbb1ff9e5a39 | 38/56 (67.86%)
| AgentTesla | 24.33.131.116:443 |
| 2015-10-01 22:24:36 | 0330e14ef2e17718bad0fbb1ff9e5a39 | 38/56 (67.86%)
| AgentTesla | 188.255.236.184:443 |
| 2015-09-28 17:22:55 | 901e6ea72989df62c1331579515da392 | 44/57 (77.19%)
| AgentTesla | 188.255.236.184:443 |
| 2015-09-28 17:22:55 | 901e6ea72989df62c1331579515da392 | 44/57 (77.19%)
| AgentTesla | 67.207.229.215:443 |
| 2015-09-28 17:22:55 | 901e6ea72989df62c1331579515da392 | 44/57 (77.19%)
| AgentTesla | 68.70.242.203:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 69.9.204.114:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 85.135.104.170:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 24.33.131.116:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 24.220.92.193:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 87.249.142.189:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 77.48.30.156:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 72.230.82.80:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 67.221.195.6:443 |
| 2015-09-26 04:29:25 | 188fe85aba9ac9780871ede4cc6c63b4 | 35/57 (61.40%)
| AgentTesla | 65.33.236.173:443 |
| 2015-09-22 13:32:23 | 009ed0f89c473576342e645f6e9483a7 | n/a | AgentTesla | 85.135.104.170:443 |
| 2015-09-22 13:32:23 | 009ed0f89c473576342e645f6e9483a7 | n/a | AgentTesla | 68.70.242.203:443 |
| 2015-09-22 13:32:23 | 009ed0f89c473576342e645f6e9483a7 | n/a | AgentTesla | 208.117.68.78:443 |
| 2015-09-22 13:32:23 | 009ed0f89c473576342e645f6e9483a7 | n/a | AgentTesla | 63.248.156.246:443 |
| 2015-09-22 13:32:23 | 009ed0f89c473576342e645f6e9483a7 | n/a | AgentTesla | 64.111.36.52:443 |
| 2015-09-22 13:32:23 | 009ed0f89c473576342e645f6e9483a7 | n/a | AgentTesla | 188.255.243.105:443 |
| 2015-09-07 10:46:09 | 04011ebd31738d924b9398f6e31627f7 | 32/57 (56.14%)
| AgentTesla | 24.33.131.116:443 |
| 2015-08-23 19:46:18 | 8478ab80b977e57db5885ac16b97c2d5 | 35/57 (61.40%)
| AgentTesla | 87.249.142.189:443 |
| 2015-08-23 19:46:18 | 8478ab80b977e57db5885ac16b97c2d5 | 35/57 (61.40%)
| AgentTesla | 68.55.59.145:443 |
| 2015-08-23 19:46:18 | 8478ab80b977e57db5885ac16b97c2d5 | 35/57 (61.40%)
| AgentTesla | 31.170.85.128:4443 |
| 2015-08-23 19:46:18 | 8478ab80b977e57db5885ac16b97c2d5 | 35/57 (61.40%)
| AgentTesla | 31.170.85.128:4443 |
| 2015-08-20 21:31:35 | 2e83a83b732552d0c44c5a2315186d33 | 38/56 (67.86%)
| AgentTesla | 68.55.59.145:443 |
| 2015-08-20 21:31:35 | 2e83a83b732552d0c44c5a2315186d33 | 38/56 (67.86%)
| AgentTesla | 37.57.144.177:443 |
| 2015-08-20 21:31:35 | 2e83a83b732552d0c44c5a2315186d33 | 38/56 (67.86%)
| AgentTesla | 37.57.144.177:443 |
| 2015-08-20 21:31:35 | 2e83a83b732552d0c44c5a2315186d33 | 38/56 (67.86%)
| AgentTesla | 87.249.142.189:443 |
| 2015-08-20 21:31:35 | 2e83a83b732552d0c44c5a2315186d33 | 38/56 (67.86%)
| AgentTesla | 67.221.195.53:4443 |
| 2015-08-19 20:19:02 | 8db282e2503676037637714c3768debd | 32/56 (57.14%)
| AgentTesla | 173.248.31.6:443 |
| 2015-08-17 11:27:01 | 50d97e66faad9006234253d75e9b9fe7 | n/a | AgentTesla | 209.40.238.170:443 |
| 2015-08-17 11:27:01 | 50d97e66faad9006234253d75e9b9fe7 | n/a | AgentTesla | 93.91.154.243:443 |
| 2015-08-16 19:51:14 | 53295c5c2a9bb9e409dee6c8c6dd01cb | 32/56 (57.14%)
| AgentTesla | 87.249.142.189:443 |
| 2015-08-14 14:13:34 | 4f409163e6f9b648e4eec240afc74cd0 | 29/56 (51.79%)
| AgentTesla | 173.248.31.6:443 |
| 2015-08-14 14:13:34 | 4f409163e6f9b648e4eec240afc74cd0 | 29/56 (51.79%)
| AgentTesla | 209.193.76.194:443 |
| 2015-08-14 13:46:22 | 487b4a2fcf701c38193fcaa7ccdf48a6 | 29/56 (51.79%)
| AgentTesla | 173.216.247.74:443 |
| 2015-08-14 13:08:46 | 76a41bd17b7f4c792c300aa76dd46287 | 42/53 (79.25%)
| AgentTesla | 98.181.17.39:443 |
| 2015-08-14 09:57:44 | 815e416378314c046126809f8eb58a21 | n/a | AgentTesla | 69.9.204.31:443 |
| 2015-08-14 09:57:44 | 815e416378314c046126809f8eb58a21 | n/a | AgentTesla | 24.33.131.116:443 |
| 2015-05-19 17:31:33 | afc18fd19b538d1818f039dfe60e500d | 35/57 (61.40%)
| AgentTesla | 79.101.42.247:443 |
| 2015-05-19 17:31:33 | afc18fd19b538d1818f039dfe60e500d | 35/57 (61.40%)
| AgentTesla | 95.181.53.78:443 |
| 2015-03-18 01:37:45 | 31aef28651e46817ee13813e48046614 | 40/57 (70.18%)
| AgentTesla | 62.122.69.172:4443 |
| 2015-03-18 01:37:45 | 31aef28651e46817ee13813e48046614 | 40/57 (70.18%)
| AgentTesla | 212.56.214.203:443 |
| 2015-03-06 17:08:15 | 07f67c004e2334fc80193445db1130b6 | 8/57 (14.04%)
| AgentTesla | 31.131.142.226:4443 |
| 2015-03-06 17:08:15 | 07f67c004e2334fc80193445db1130b6 | 8/57 (14.04%)
| AgentTesla | 31.131.142.226:4443 |