Overview

overview

10

Static

static

10

195581bbaf...43.exe

windows7-x64

195581bbaf...43.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    195581bbaff3fc63c2f92f0b93c3ed6304ef22f2662b7680a68705ec82694143

  • Size

    264KB

  • MD5

    522d9af3d5f3cd606c0f214f168f2c26

  • SHA1

    d55795d0e4f09001310b2589d23cfa60e4daa769

  • SHA256

    195581bbaff3fc63c2f92f0b93c3ed6304ef22f2662b7680a68705ec82694143

  • SHA512

    bf4790c557118957771357272c1374d8ddc95283f5bee982b5e119e60aa26d8946d0713a1f34a0f64540c0e0156d6a1b73cddf5ecbbaf94b01913cc37505af52

  • SSDEEP

    3072:x2PuB5RZxX6fZZUP9Vy3ii8IuiI7ZIG+nC04/FaZ5RGYKD2J:xjB5RZxX6fzy9J7IC04/FaYYs

Score
10/10
agenttesla

Malware Config

Signatures

  • Agenttesla family
    agenttesla
  • Detect packed .NET executables. Mostly AgentTeslaV4. 1 IoCs
  • Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
  • Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion 1 IoCs
  • Detects executables referencing Windows vault credential objects. Observed in infostealers 1 IoCs
  • Detects executables referencing many confidential data stores found in browsers, mail clients, cryptocurreny wallets, etc. Observed in information stealers 1 IoCs
  • Detects executables referencing many email and collaboration clients. Observed in information stealers 1 IoCs
  • Detects executables referencing many file transfer clients. Observed in information stealers 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 195581bbaff3fc63c2f92f0b93c3ed6304ef22f2662b7680a68705ec82694143
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections