agenttesla | 35a5ee101c02290061928de471fa3d2212de663dbb14b520b50d1373df082f60[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

35a5ee101c...60.exe

windows7-x64

35a5ee101c...60.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

35a5ee101c02290061928de471fa3d2212de663dbb14b520b50d1373df082f60.exe

Resource

win7-20230220-en

agenttesla collection keylogger spyware stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

35a5ee101c02290061928de471fa3d2212de663dbb14b520b50d1373df082f60.exe

Resource

win10v2004-20230221-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

35a5ee101c02290061928de471fa3d2212de663dbb14b520b50d1373df082f60.exe
Size

166KB
MD5

ff0a86e2170966182a7be06e08811fcc
SHA1

127cf2e6d406d1861f82ba18c7aa6670d9100643
SHA256

35a5ee101c02290061928de471fa3d2212de663dbb14b520b50d1373df082f60
SHA512

3ef86b554e2066f9d7dc381090f342dbd69ff693fa8d1670af4606c8bb2d5c4c58458b8a9f30b54761faa6b4d4535f482549c31826bb68aebf44f6c4a4f327dd
SSDEEP

3072:x7v8S+C2FEaGZiwdjRk1VQw3WGyYmIEz05QWOry:x7kC+elKVryYmId5QN

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://files.000webhost.com
Port:
21
Username:
zincox
Password:
computer@1010

Signatures

Agenttesla family
agenttesla

Files

35a5ee101c02290061928de471fa3d2212de663dbb14b520b50d1373df082f60.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy