agenttesla | 2e5247cb876de7d41c8cd2d350aa6512aeb1f93da5fdb368075d5cc97accfbd2 | Triage

Sharing

General

Target

2e5247cb876de7d41c8cd2d350aa6512aeb1f93da5fdb368075d5cc97accfbd2
Size

1.3MB
MD5

f7b01ebf3d1852568404cfe4cb7263c2
SHA1

4a682c469015e4ffb3c6033371b3b80dc63ae2e9
SHA256

2e5247cb876de7d41c8cd2d350aa6512aeb1f93da5fdb368075d5cc97accfbd2
SHA512

487ae7fbdc1c064b5f917a90d5169798c677f5993b0772a951cad3ddeff9dd705358c6c5b8907319a4652f796f9eb3b020ee3888b319ebcafff7b3743445ca58
SSDEEP

24576:+WSvenS3TJh9P5T6NN2P+PPhLN/fGVsBfYyMxxAPr7UrlfCQefU166OB:+XveG9PZkN13JN/6sBd4Oj7Url/ef5B

Score

10^/10

agenttesla

Malware Config

Signatures

AgentTesla Payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/order for August .SCR	family_agenttesla

Agenttesla family
agenttesla

Files

2e5247cb876de7d41c8cd2d350aa6512aeb1f93da5fdb368075d5cc97accfbd2
.zip
order for August .SCR
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ