Static task
static1
General
Target
1-AgentTesla.1-24c1e2053d04c74896bd24a0a2a7dce4c79c5553f13fca9744c14048e8976a37.zip
Size
299KB
MD5
fbbc0deafb8c781de33b51ba931a7912
SHA1
98b78c088658e561672ed137f34ab27933421dcd
SHA256
b9ca17508cf0ab74be3a7f09436220199294aff028bebe84725585937bd7c15f
SHA512
0b34bb9e981e99319b3300f8849f08f169b1c8ebde83e75657439f21cc7b60633149632557e89c60afc2afabf9f9e13debf96892d6fe516de1e7cc2dde8ccabc
SSDEEP
6144:xWPFshNmkoBbB4iLKIecUsoyQw/a71hxE9IX/XBxbsRGVVX2/eZvmYSIq2O5:YunboBbBn9ecUsovw/u1hxECXZxceXEx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack002/Shipping Docs.exe
Files
1-AgentTesla.1-24c1e2053d04c74896bd24a0a2a7dce4c79c5553f13fca9744c14048e8976a37.zip
Password: infected
24c1e2053d04c74896bd24a0a2a7dce4c79c5553f13fca9744c14048e8976a37.7z
Password: infected
Shipping Docs.exe (windows:4, windows x86, arch:x86)
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 278KB - Virtual size: 277KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 212KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ