General

  • Target

    51429a11178c6f347b67722bb5c64ff7441f2b89e7cb3acf79a231d5422ddb76.exe

  • Size

    234KB

  • MD5

    172e7007a4de3af16d46e0cd6e856c53

  • SHA1

    3c0b9f29690feef46f34c43627c72468b49be23a

  • SHA256

    51429a11178c6f347b67722bb5c64ff7441f2b89e7cb3acf79a231d5422ddb76

  • SHA512

    2b766592b18d1a63c16531d8cbfbad9b0a980b5b575b0221ddd8aaea4d07ae15102584978c177a3917b69293c5734c26035fa0b687c9153b7c0f359efaac3fff

  • SSDEEP

    3072:6wR84UoTPZunfrblwxzUlJ6FiwxP3v5qF3z8z:zR84UoTRunfrblwxzGcXxv43w

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

Signatures

  • Agenttesla family
  • Detect packed .NET executables. Mostly AgentTeslaV4. 1 IoCs
  • Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
  • Detects executables referencing Windows vault credential objects. Observed in infostealers 1 IoCs
  • Detects executables referencing many confidential data stores found in browsers, mail clients, cryptocurrency wallets, etc. Observed in information stealers 1 IoCs
  • Detects executables referencing many email and collaboration clients. Observed in information stealers 1 IoCs
  • Detects executables referencing many file transfer clients. Observed in information stealers 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 51429a11178c6f347b67722bb5c64ff7441f2b89e7cb3acf79a231d5422ddb76.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections