agenttesla | 0x000f000000013a09-78[.]dat | Triage

Submit
Reports

Overview

overview

Static

static

0x000f0000...78.exe

windows7-x64

0x000f0000...78.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0x000f000000013a09-78.exe

Resource

win7-20220812-en

agenttesla collection keylogger spyware stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x000f000000013a09-78.exe

Resource

win10v2004-20220901-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

General

Target

0x000f000000013a09-78.dat
Size

209KB
MD5

3c651d2278ce354c4685753e3e89db81
SHA1

19f1572c764757078a2789226746414ca59d55c4
SHA256

faa74dfba75ffa86ae94bed9340875325514b4ad51fb4cbbccee8fe1ebb1ed33
SHA512

0d6e19d5e1a5fbf8a9300b7030d70c99b5cb8ed3d3f0547efba7244982a36523d0b4c08dbd18e9016c3793c8a625a3f6b3175ab4acba4fb01a833858da92335c
SSDEEP

6144:BDaWsWiS1DvTjQkFifVu3YnUbnzA10N85AdmVumU9J7hFvZqXozlX:BmWsWgVGDz

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
%2B
Port:
21
Username:
application/x-www-form-urlencoded
Password:
image/jpg

C2

p=

Signatures

Agenttesla family
agenttesla

Files

0x000f000000013a09-78.dat
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy