agenttesla | 9b03f953727b02a4a23f816b5f24de97dd5a8cc068cf077eb349dfdbabe35acb | Triage

Sharing

General

Target

9b03f953727b02a4a23f816b5f24de97dd5a8cc068cf077eb349dfdbabe35acb
Size

920KB
MD5

f7addda2577def36d69053fc3281b427
SHA1

b662914ab4020c6eee2c12910a9ca4c12188dbdd
SHA256

9b03f953727b02a4a23f816b5f24de97dd5a8cc068cf077eb349dfdbabe35acb
SHA512

be21e3fa71950cd5b487578e6857def6400b83b693f2dbb837b79450c245a000c9d5d9c836253a4fa2391a6ec14e8c1cbf4b9feaa5ef7a452189b668a97d11d0
SSDEEP

12288:gMSApJVYG5lDLyjsb0eOzkv4R7QnvUUilQ35+6G7579zPYfgduxwim5j:gnsJ39LyjbJkQFMhmC+6GB9kfg0W

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b03f953727b02a4a23f816b5f24de97dd5a8cc068cf077eb349dfdbabe35acb

Files

9b03f953727b02a4a23f816b5f24de97dd5a8cc068cf077eb349dfdbabe35acb
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 615KB - Virtual size: 614KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ