agenttesla | 7047b9a2b50a8fb360b3d2b53d647582e6b4e93d92b7e266327a01c2f4c4bdf1 | Triage

Sharing

General

Target

7047b9a2b50a8fb360b3d2b53d647582e6b4e93d92b7e266327a01c2f4c4bdf1
Size

1.2MB
MD5

3032fca3ba79c136c249f1f4a1cdd74d
SHA1

d5e992224f93ab32caed9a54b7e5770073e1b2fe
SHA256

7047b9a2b50a8fb360b3d2b53d647582e6b4e93d92b7e266327a01c2f4c4bdf1
SHA512

1183a0e18f43a07d996b3d779b4d9f4fd76fb468601f8d591b9fe9e5007c609ffb1004393f8d1eadde8c04d2fe670e35c0ad4bb4574b561b7bac4b6d16a902fa
SSDEEP

6144:l3F48TZkZnfsw5+PPRDrh0AK0Li0gMK9p+fIFBhcXry:82mknPRDWAK3PBhk

Score

10^/10

agenttesla

Malware Config

Signatures

AgentTesla Payload 2 IoCs

Processes:

resource	yara_rule
sample	family_agenttesla
static1/unpack001/signed-contract.exe	family_agenttesla

Agenttesla family
agenttesla

Files

7047b9a2b50a8fb360b3d2b53d647582e6b4e93d92b7e266327a01c2f4c4bdf1
.iso
signed-contract.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 649KB - Virtual size: 649KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ