Agent Tesla - Detection Rate
VirusTotal detection statistics across 112 analyzed samples.
Last updated: 2026-04-18
Detection rates show how many antivirus engines on VirusTotal identify Agent Tesla samples as malicious. A high detection rate (30+ engines) means most AV vendors have signatures for the variant. Low or zero detection indicates recently packed or obfuscated samples that may bypass signature-based endpoint protection.
Why Detection Rate Matters
For SOC analysts and threat hunters, detection rate is a key indicator of variant freshness and evasion capability. When Agent Tesla operators release a new build with updated packing or obfuscation, detection rates drop temporarily until AV vendors update their signatures. This window of low detection is when organizations are most vulnerable. Monitoring this page helps you understand how well your current defenses cover Agent Tesla variants.
Recommended Actions
If you see undetected or low-detection samples, consider submitting them to your sandbox for behavioral analysis. Update your YARA rules to catch Agent Tesla patterns that signature-based detection misses. For the latest sample hashes to cross-reference, visit the Agent Tesla samples page. For network-level indicators, check the IOC page.
Detection Distribution
Per-Sample Detection
| SHA256 | Detection | Threat Name |
|---|---|---|
| 6f25b64efa6c3595... | 56/72 | trojan.msil/agenttesla |
| 102aa3e8c18c183d... | 56/69 | trojan.msil/agenttesla |
| dc451dc92ca8c947... | 52/68 | trojan.autoit/autoinject |
| ecac6d81c925b067... | 51/71 | trojan.autoit/auitinj |
| eeaaf1a831b3fb07... | 51/69 | trojan.autoit/autoinject |
| aa9a26dbe5fcfab9... | 51/72 | trojan.tedy/etyk |
| 89d8a5c61f78e93f... | 50/71 | trojan.msil/jalapeno |
| 98472b134ae42713... | 49/72 | trojan.tedy |
| d2905e367942c640... | 48/67 | trojan.autoit/agensla |
| 765e69564a235c9e... | 46/72 | trojan.msil/agensla |
| 8d7252df516b2151... | 44/68 | trojan.generickdq/gamehack |
| d3030deea9a49c1a... | 44/72 | trojan.msil/agenttesla |
| e4ca434fb241974f... | 44/72 | trojan.autoit/auitinj |
| 221367d0998608cb... | 43/71 | trojan.minix/nsis |
| 458006548ab9c613... | 43/72 | trojan.guloader/filerepmalware |
| bf70216afcd00c6f... | 43/72 | trojan.msil/msilheracles |
| a52d7e811609cce5... | 42/70 | trojan.minix/guloader |
| 494b7386dd151928... | 42/71 | trojan.msil/agensla |
| 149bf791a0d8a880... | 41/69 | trojan.autoit/auitinj |
| 2a66517cedacb808... | 41/71 | trojan.tedy/agensla |
| 2ff1097ed1f607c9... | 40/70 | trojan.autoit/autoinject |
| 7ac6aca27080b1a7... | 38/71 | trojan.mardom/msil |
| 218f94564cd1173b... | 37/67 | trojan.agenttesla/msil |
| 830e7555a21ef8ea... | 36/67 | trojan.autoit/auitinj |
| 4bda75eedbe6b367... | 34/65 | trojan.autoit/auitinj |
| 0cacede7d5990b1b... | 33/64 | trojan.tedy/agensla |
| 020643859d860215... | 32/65 | trojan.minix/nsis |
| 59221ef93ad609df... | 32/63 | trojan.guloader/geniso |
| 81d9e0389970009a... | 30/60 | trojan.obfsobjdat/cve201711882 |
| 8e0350a63f2f0f98... | 29/72 | trojan.msil/agensla |
| de63e0dac9cd8bfe... | 28/61 | trojan.cryxos/negasteal |
| 78417f6462aba815... | 28/62 | trojan.negasteal/yxgdmz |
| a0f64f3bb700ae91... | 26/64 | trojan.msil/snakekeylogger |
| e3299b434ea8094b... | 26/62 | trojan. |
| 97dfe97161a223b7... | 25/62 | trojan.acsogenixx/obfuse |
| 0257aa401044360b... | 24/61 | trojan.genericfca/negasteal |
| 642687daf4a3bd20... | 24/61 | trojan.agenttesla/negasteal |
| ce06a5de9e128121... | 24/62 | trojan.acsogenixx |
| 91aec6948b9366f7... | 24/62 | trojan.zmutzy/pumpar |
| 6184bb1d65ed1915... | 24/57 | trojan.cryxos/negasteal |
| 9cf9403b0141d986... | 23/62 | trojan.acsogenixx |
| b2c9f62883835341... | 23/62 | trojan.genericfca |
| c956d0c57e03a0ed... | 23/61 | trojan.adyg/negasteal |
| 3a3d2ed1e6bf9cd0... | 22/62 | trojan.guloader |
| e9344245c5768fd8... | 22/62 | trojan.negasteal/yxgdqz |
| fa896bde7e5b0df8... | 21/60 | trojan. |
| 4549500a13d2e4ee... | 21/61 | trojan.acsogenixx/adyg |
| 3879be5488a07314... | 21/59 | trojan.acsogenixx/adyg |
| f84c291e5630d464... | 20/61 | trojan.passwordstealer/generickds |
| f52a4fd5c912375e... | 20/59 | trojan. |