agenttesla | 73e9b767adfbc6df2b8f98bb835038c2846b6bba8eda38329af10066363c68eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73e9b767adfbc6df2b8f98bb835038c2846b6bba8eda38329af10066363c68eb
Size

240KB
MD5

74d8794f7bc243416166fce578dbd5ea
SHA1

78164919720b943a962db44e03088c4d8389ffcd
SHA256

73e9b767adfbc6df2b8f98bb835038c2846b6bba8eda38329af10066363c68eb
SHA512

bef40a1e8228dc74a008860537d91d8a7758d642b0f4fa239559e0649a2f471b6482fc1a3bbfdbe458cf872df8b74f0efcab7b737b5b2a3eeb45bf68c7b7df0f
SSDEEP

3072:FdA67f9xtpdnNVtf9IXSHwRRODpzfEmYFDwu5LCK+9GR:Fa67f9xtpdnNVtf9ICHwRROoFDwNKCG

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.atelierzolotas.gr
Port:
21
Username:
[email protected]
Password:
alibaba.com

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73e9b767adfbc6df2b8f98bb835038c2846b6bba8eda38329af10066363c68eb

Files

73e9b767adfbc6df2b8f98bb835038c2846b6bba8eda38329af10066363c68eb
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ