agenttesla | 60dcda7c7080a449cfb175b183073c33dfa74bdad5d94e5044795bbad2e69875 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60dcda7c7080a449cfb175b183073c33dfa74bdad5d94e5044795bbad2e69875
Size

238KB
MD5

1bfff173fe51c613fb1d9a44776972c7
SHA1

5d1d7979c8146a1ddd72783e6a0c72c42cc96d4f
SHA256

60dcda7c7080a449cfb175b183073c33dfa74bdad5d94e5044795bbad2e69875
SHA512

8afef815f98d074aec79d26bf035137e1cb8c8d374dc6e120ed9a27742bfdc953a0f54242789744635028c57f47214188a5da23d50ff108d78095577eff131cd
SSDEEP

3072:GdvDPrfY7wcwJwtrkQdYWkybW9nG5oZBCefwK:0vDPrfcwcwcusW9nPCU

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.fosna.net
Port:
21
Username:
[email protected]
Password:
(=8fPSH$KO_!

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60dcda7c7080a449cfb175b183073c33dfa74bdad5d94e5044795bbad2e69875

Files

60dcda7c7080a449cfb175b183073c33dfa74bdad5d94e5044795bbad2e69875
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ