General

  • Target

    e7864a121c2abe3f5398b03986d53cef01044dc8ba32e0cd30448d3ae8a78112

  • Size

    428KB

  • MD5

    4c9af850d4330bf16c8f83c29ca3d815

  • SHA1

    ac4351d1632fab668c03c391e1f67e0c64fe117d

  • SHA256

    e7864a121c2abe3f5398b03986d53cef01044dc8ba32e0cd30448d3ae8a78112

  • SHA512

    ff41ebcb04890d2a3b09118dd03d5b6fa17c4f7c6ddbc2832a470ea3435cf38fae873efecb6cff261469e09e2aeb97982bfa11d62bdb898dc0b5c3ad354beed1

  • SSDEEP

    6144:Wv67updRtZ8YGvN7bnCRn6/H7+bU+A61stvLGyELbMUTKZ:EpdRtZzGvN7f7+B1SiyyjK

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.code-jet.com
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    4+i)Wf,h^zRm

Signatures

  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • e7864a121c2abe3f5398b03986d53cef01044dc8ba32e0cd30448d3ae8a78112
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections