agenttesla | 307753755c4d0a788f18b5c5875dab5dbf30d6b00523359188603f9df3167b70

Sharing

Copy URL

Twitter E-mail

General

Target

307753755c4d0a788f18b5c5875dab5dbf30d6b00523359188603f9df3167b70
Size

702KB
MD5

1118e83a5b4e5b67eb6cf57da7102eb0
SHA1

1833e10d0f929c639498891ad7c574a66a84ebfd
SHA256

307753755c4d0a788f18b5c5875dab5dbf30d6b00523359188603f9df3167b70
SHA512

729a69c8b44993eadd6f0be0a4b12bbac5cd068ce159028000d186adc262122c3a728d9f322b92f9f54fdf363c6bf7632644891c12c0eda1bea5e00312a6a049
SSDEEP

12288:9RLoJPfgENE9itsArRKqAgXeHbd6hAoYMLPKXRvXwjjc25MomWDg:95oJPfFNEcsArogAbd6hRYMLyX5Xwjwb

Score

10^/10

agenttesla

Malware Config

Signatures

AgentTesla Payload 2 IoCs

Processes:

resource	yara_rule
static1/unpack001/Payment Confirmation#114_pdf.exe	family_agenttesla
static1/unpack001/Payment Confirmation#114_pdf/Payment Confirmation#114_pdf.exe	family_agenttesla

Agenttesla family
agenttesla

Files

307753755c4d0a788f18b5c5875dab5dbf30d6b00523359188603f9df3167b70
.zip
Payment Confirmation#114_pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 866KB - Virtual size: 865KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Payment Confirmation#114_pdf/Payment Confirmation#114_pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 865KB - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Payment Confirmation#114_pdf/pic.png
.jpg

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 866KB - Virtual size: 865KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 865KB - Virtual size: 864KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 866KB - Virtual size: 865KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 865KB - Virtual size: 864KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B