agenttesla | ae0f990ac79ae98e70a050cb2fe298a269f46974d9d6cb33f4138e8f693f309b | Triage

Sharing

General

Target

ae0f990ac79ae98e70a050cb2fe298a269f46974d9d6cb33f4138e8f693f309b
Size

269KB
MD5

df0b860dd503ecd282fd5238f13ad8d0
SHA1

75b3d23945ad362970969a77c6d12f23af1ab93a
SHA256

ae0f990ac79ae98e70a050cb2fe298a269f46974d9d6cb33f4138e8f693f309b
SHA512

dbfc2f956cedc59d3eeb7cefeec24d6241d291fd28c9432084b1d83cb19556f4022345df182305f9f78aa502c46c5cb618f42fa7138e0d670903388dc8a1a43c
SSDEEP

6144:stjV63Qyg69fxj47kab9tEmYqQl6BGc8WHXbUVdpQ8V3N+/V8Il7:CGZ9fxGtomYlk8dpniV3V

Score

10^/10

agenttesla

Malware Config

Signatures

AgentTesla Payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/RFQ86437C.exe	family_agenttesla

Agenttesla family
agenttesla

Files

ae0f990ac79ae98e70a050cb2fe298a269f46974d9d6cb33f4138e8f693f309b
.zip
RFQ86437C.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ