General
Target
origin_af5e4d95e12a1dd9bffaea60caf2022251e7b9f00b3217415f3142e54a6e54b7
Size
360KB
MD5
aef9debcbf73662462687f33046d6a2e
SHA1
ad32f0a358bcbdd68d1d0c1405f9e430d1b762c9
SHA256
af5e4d95e12a1dd9bffaea60caf2022251e7b9f00b3217415f3142e54a6e54b7
SHA512
aa3878cb2785bc901da7c5681731ed570f2caade7139b850619087b13a7b225b9934579a716835629741e66c2a362107989f7038af261ab8327fc9aa1f925e4a
SSDEEP
6144:TCbDsgMmWzSJ9kfmcBWmq0XFgeQ8ucyFM0rYvdbZ:TCbDsmWzSoHBWmqT4T0
Malware Config
Signatures
AgentTesla payload 1 IoCs
resource yara_rule sample family_agenttesla
Agenttesla family
Files
origin_af5e4d95e12a1dd9bffaea60caf2022251e7b9f00b3217415f3142e54a6e54b7.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 336KB - Virtual size: 329KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ