agenttesla | a8c2ccbe6b51094e555fe11b631334150250905d0ee89dfc8aad100be8cc1e98 | Triage

Sharing

General

Target

a8c2ccbe6b51094e555fe11b631334150250905d0ee89dfc8aad100be8cc1e98
Size

1.2MB
MD5

16efd5f4875687e4e417cffee34bedc8
SHA1

81be5495fdaa950f487a125de6926e7a24194857
SHA256

a8c2ccbe6b51094e555fe11b631334150250905d0ee89dfc8aad100be8cc1e98
SHA512

29bd9a5168ca6b34e96937792544d192d90e95daf5c2b9fd0a5ff2654ced5a5b27b0f630f609fcca5235d5baafaedf771c51b90c0713969f98b2ad5f706ba437
SSDEEP

6144:ckzwuh8BSfN7Bv16pDBl/vMxTAQkrMMAxCT3KdO6euKY20cRadIGh8z:cYwutfN7BvQjvMxsqMHH7QE

Score

10^/10

agenttesla

Malware Config

Signatures

AgentTesla Payload 2 IoCs

Processes:

resource	yara_rule
sample	family_agenttesla
static1/unpack001/DHL.EXE	family_agenttesla

Agenttesla family
agenttesla

Files

a8c2ccbe6b51094e555fe11b631334150250905d0ee89dfc8aad100be8cc1e98
.iso
DHL.EXE
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 654KB - Virtual size: 654KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ