agenttesla | Copia del pagamento-PDF[.]bin[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

Copia del ...DF.exe

windows7-x64

Copia del ...DF.exe

windows10-2004-x64

Resubmissions

15/02/2023, 15:50

230215-s9zy4acf37 10

15/02/2023, 15:47

230215-s8cgeacf24 10

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Copia del pagamento-PDF.exe

Resource

win7-20220812-en

agenttesla collection keylogger spyware stealer trojan

windows7-x64

10 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Copia del pagamento-PDF.exe

Resource

win10v2004-20221111-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004-x64

10 signatures

1800 seconds

General

Target

Copia del pagamento-PDF.bin.zip
Size

80KB
MD5

e0350756efecc93792c55606ef87f56f
SHA1

8f2f7c7c81edf041f42a08f1dfc815f855a64155
SHA256

8d87ed47c50a05418d425c0947c02992f4a447ac1117f484960a8a6a8ccf1beb
SHA512

8e017928ef0dc61c1aa0554141e4583b70eefc066dba45b82b11513e6c141ccf9eb686eb038e27d7c3f98de3085d28305f582453e22a5347c9d96d030c91e4e0
SSDEEP

1536:PGd+W0icc8h/mEF3U4J05gsYwy/Ce/M6Cy38BkoqLlhoOO:PGdRvozfls3y/Ce/0y38BVqXoOO

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5249845718:AAGAU-0wsEoqm32Ml21Y0Irz58kvd5j9Gss/

Signatures

Agenttesla family
agenttesla

Files

Copia del pagamento-PDF.bin.zip
.zip

Password: infected
Copia del pagamento-PDF.bin
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy