agenttesla | 0d9e5116c1da200fa3a55c84ca2195eb7bbbd1e1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d9e5116c1da200fa3a55c84ca2195eb7bbbd1e1.exe
Size

334KB
MD5

584b853e5f597883fb56cc5e879d8a3d
SHA1

0d9e5116c1da200fa3a55c84ca2195eb7bbbd1e1
SHA256

a73fd985f5f38ff58dc3112bc46d7e81190bad5567220cf46efe5608c4e307f0
SHA512

88b7f8c6fb7f9a19bbb9eb818cdbc51a3e95c25ba890eaf95576a3a9dd81ab7fbce5ef5bced6dbe16ff731e70c157f17276681fcd00205d280d1ec12bd6eea55
SSDEEP

6144:UmdOCKkkGBQOItDWaCjsjj9TB91goSjUOp0NMzh3HnzLkYvsbB:rdvkGBjADt8LtV8kn

Score

10^/10

agenttesla

Malware Config

Signatures

AgentTesla payload 1 IoCs

resource	yara_rule
sample	family_agenttesla

Agenttesla family
agenttesla

Files

0d9e5116c1da200fa3a55c84ca2195eb7bbbd1e1.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ