AgentTesla4
AgentTesla .NET MaaS 2014. XLS dropper. SMTP/FTP/Telegram exfil. freightfacilitators.com C2. Keylogger+clipboard.
Threat Profile
Type: Infostealer
Programming Language: C#/.NET
C2 Protocol: SMTP/FTP/HTTP
First Seen: 2014
Targets: Finance/Corporate
Purpose / Capabilities
- Keylogger+Credential Stealer
C2 Servers (2)
1 Active
| Address | Port | Protocol | Status |
|---|---|---|---|
| freightfacilitators.com | 443 | HTTPS | Active |
| iplam.co | 443 | HTTPS | Inactive |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (2)
AgentTesla -- XLS Dropper, freightfacilitators.com C2, iplam.co, O365 Relay Trace | High
AgentTesla 1.7MB XLS file. freightfacilitators.com C2. iplam.co short .co TLD. O365 FR1PEPF France relay server.
AgentTesla 4 -- SWIFT_Payment_Receipt_30062026 Lure, Danish Obfuscation, BTC 12KHQsz | Critical
AgentTesla SWIFT payment receipt lure. Danish-language obfuscation. BTC 12KHQszuj + 1DQsERzx.