General

  • Target

    864714c49cccd34cc03d69511fe69a3f8000da7a8a63b5ffa0c92494aec4d6ce

  • Size

    84KB

  • MD5

    11bd2766707ea04ab2bbc3e865c74bcc

  • SHA1

    c5c26c0bb42c55eac5bf8ccfff2a6138750b57c8

  • SHA256

    864714c49cccd34cc03d69511fe69a3f8000da7a8a63b5ffa0c92494aec4d6ce

  • SHA512

    d774d47fb5de0705048208388f7954a0c7476e1b225fd6e92da708c22ab428f8d2749292c0c65eebbfd324662e02d9f163c4953a002290869bb87c5fbb042cfd

  • SSDEEP

    1536:sEa23GHULXzGXeoxtVXRNp3yObpHTks5qU/Agdp5mpj4ydaIBq4Vx:ja2WKDGXF33JbpHzb/AefYdaIBl

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.elquijotebanquetes.com
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    4r@d15PS!-!h

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 864714c49cccd34cc03d69511fe69a3f8000da7a8a63b5ffa0c92494aec4d6ce
    .zip

    Password: infected

  • a5cc71d10f1106272352cefb5e44dda1403fabef60b4a253733f60e329514689.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

