General

  • Target

    168491916942a074a956b371af57bd67f974af391b5a7ff52d7976c014e7f42b7862e7cbc8685.dat-decoded.exe

  • Size

    163KB

  • MD5

    6070a1b84846a0946639a374043787d6

  • SHA1

    c271d66be5d983ae44aefdf0f5f946131519a259

  • SHA256

    f87578f93b7160f35ba86268b9ebfa63e795113c42a4eb12c1b632d3fc3ed7e3

  • SHA512

    a41cd376856f5d32c2fe86156e03c5bd7123313dae97a71f72c31b79887e927997353b586bec609829919ddfe028c733b5d652064053eadb663a3d34e5f94511

  • SSDEEP

    3072:9qaoPc3WRhJd1a9d1FjnfGMPv3fsZJWBzjyLRxOCpyS0BCUKQP:tWRTfk/xHPvku3SRxzphcJ

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.ocp.mx
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    lasco4000

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 168491916942a074a956b371af57bd67f974af391b5a7ff52d7976c014e7f42b7862e7cbc8685.dat-decoded.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

