agenttesla | 049cf1a5c3ecd74b4de986216d1a8b9d10a21be4a1cd46db0a018679ae6423bb

General

Target

049cf1a5c3ecd74b4de986216d1a8b9d10a21be4a1cd46db0a018679ae6423bb
Size

743KB
MD5

44229e676b5cf5b74c9dc24ba39a0e8f
SHA1

c1e3fe1369b4f5d0df3b143e1e35824497c19b75
SHA256

049cf1a5c3ecd74b4de986216d1a8b9d10a21be4a1cd46db0a018679ae6423bb
SHA512

86c00cb77169f5707720e6ae892501dc6bce01ba0d1b4aceba01b255b1745b5ef64fdc1a223e0be2ecfda3a7317e41fe52a6263c8f2366fe0255e1f7a44ca4c1
SSDEEP

12288:wWLM/FsabJ1woT1Omtjr/k+QoVxQH8rNN30PZd6l99VIVQd12kSpdrIH6lfZFiY/:3LK/bDPbVxniZd6l99EdrdZFz/

Score

10^/10

agenttesla

Malware Config

Signatures

AgentTesla Payload 2 IoCs

Processes:

resource	yara_rule
static1/unpack001/company profile_original.scr	family_agenttesla
static1/unpack001/excel doc spec.scr	family_agenttesla

Agenttesla family
agenttesla

Files

049cf1a5c3ecd74b4de986216d1a8b9d10a21be4a1cd46db0a018679ae6423bb
.zip
company profile_original.scr
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 646KB - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
excel doc spec.scr
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 646KB - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 646KB - Virtual size: 646KB

.rsrc Size: 223KB - Virtual size: 223KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 646KB - Virtual size: 646KB

.rsrc Size: 186KB - Virtual size: 186KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 646KB - Virtual size: 646KB

.rsrc
Size: 223KB - Virtual size: 223KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 646KB - Virtual size: 646KB

.rsrc
Size: 186KB - Virtual size: 186KB

.reloc
Size: 512B - Virtual size: 12B