Behavioral task
behavioral1
Sample
bc6d9219263a801907b3e172b1f2945a7433efaf70dc6d010fcab1d50730c64c.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
bc6d9219263a801907b3e172b1f2945a7433efaf70dc6d010fcab1d50730c64c.exe
Resource
win10v2004-20240508-en
General
-
Target
cb225ca7a71b9a45ad05b65c4d3cea0e.bin
-
Size
106KB
-
MD5
23edb46daaef4fbc7a001f2e07fab31d
-
SHA1
af688ce0dcbc799a9aee9dd463c1df44e270fd10
-
SHA256
c7053fd09c89064181cac336975af15e388d42e9e5f20380161a5a3d2e07b1fc
-
SHA512
a26418aea08ce168b37099f3f881b0850e80fd0495d69037a7ffacd3a76c04c7f182d67429dccceedc65d30b899bbf607df85d9d82b3f6987792c9a9ce9062cc
-
SSDEEP
3072:qjd1P4K7SRxwUGOuIMGoMXoT9rN+V19oS:q/P4lxFMPMXoTyCS
Malware Config
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/bc6d9219263a801907b3e172b1f2945a7433efaf70dc6d010fcab1d50730c64c.exe
Files
-
cb225ca7a71b9a45ad05b65c4d3cea0e.bin.zip
Password: infected
-
bc6d9219263a801907b3e172b1f2945a7433efaf70dc6d010fcab1d50730c64c.exe.exe windows:4 windows x86 arch:x86
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 238KB - Virtual size: 237KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ