General

  • Target: e204efd97c0d7b5068c1ff775673f1825c44bda7891bfa671ad72d9e54f2d807
  • Size: 164KB
  • MD5: 73ba40dee5f61c229947c73328a2dc32
  • SHA1: 83a168919004f2c6cea8a15d4ed974056b6ea9b7
  • SHA256: e204efd97c0d7b5068c1ff775673f1825c44bda7891bfa671ad72d9e54f2d807
  • SHA512: dfd39c08b695acf07d6043bf1086f52e251d1c575d381ab41c3c40527501f929b0aa2c85125fd4411f7c235706e8f4764f8522a50c18cd748a8ea2bb1dee8280
  • SSDEEP: 3072:FOEh7xgFtuukVi+l4jp5d3P/Lx+FvDyY7qab7HzU2tcB90JnvM25:FOEh7xgFtuNIO6p5Rj4vtmAM22B0nv

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol: ftp
  • Host: ftp://valvulasthermovalve.cl
  • Port: 21
  • Username: [email protected]
  • Password: LILKOOLL14!!

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • e204efd97c0d7b5068c1ff775673f1825c44bda7891bfa671ad72d9e54f2d807
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
