General

  • Target

    17000410846d47e6b65e48f98c4726d3f72972952f1c4792deee8f14ac2125a8f4caad0e43312.dat-decoded.exe

  • Size

    216KB

  • MD5

    a31dc40908b34de1aeef206ef067d280

  • SHA1

    7a214399f651a162b6895484602ee0dfd415e5ba

  • SHA256

    dc7b17accaba0cbe8edc9a22bf625eb3e74f64b6e17046175095e4197792bd98

  • SHA512

    cde41e06f5a214b07244dca935bae6d1e94e95c7d8577a713decd5e0606ce5184cc855b6f8af7e8c8f03f52bd87a9a586e77c3b789495858e6e77d9d2254d4f4

  • SSDEEP

    3072:cmQ5xDOxLgPX7FdtXEwAu1sKUvlcNGJR9X1eStP1luF4QJpqbj0vl4r0o7WwJQYO:cxawfUeAR9xNluFDqkvc0w1Ul

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.ocp.mx/
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    lasco4000

Signatures

  • AgentTesla payload (1 IoC)
  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 17000410846d47e6b65e48f98c4726d3f72972952f1c4792deee8f14ac2125a8f4caad0e43312.dat-decoded.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

