agenttesla | 9637811090[.]zip | Triage

Sharing

General

Target

9637811090.zip
Size

236KB
MD5

6d20118da52d83b0db753e6a341db25f
SHA1

6f0f4c6bfcc3eefa0ca15fb76a31516b36d07f13
SHA256

48585a6d5eb1297a60066fe3617ba547265d43d9fd4b5a1e4c61801c0d39e690
SHA512

6bb6fccd01ea8f36e8dd33b601b93e464e43d168842276fdffeed1552f195267df420cc4f7c35f848f622a03eaff3dd738561a27d935cda00f3ee455cec00f25
SSDEEP

6144:J2iGAg8OEWvNrfz7fgpJaVnXUXBq39ILOGl1Xb:JpORL7fgpCXSq3eLOar

Score

10^/10

agenttesla

Malware Config

Signatures

AgentTesla payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack002/DHL Consignment Details_pdf.exe	family_agenttesla

Agenttesla family
agenttesla

Files

9637811090.zip
.zip

Password: infected
61c390aada68477542e8e4f2b82bee0fd580dfe1893255d6f4d0dd12d7b2b2b5
.rar
DHL Consignment Details_pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 603KB - Virtual size: 602KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ