agenttesla | 824aa442ce1e9666970da10b8f79979e3c78cab55d54c3f1efa333b1bf191468 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

824aa442ce1e9666970da10b8f79979e3c78cab55d54c3f1efa333b1bf191468
Size

310KB
MD5

7ba9532b989857c77188ff61a264099d
SHA1

60249eeb43bdb82c449e62f1f350b0404e6a9cc7
SHA256

824aa442ce1e9666970da10b8f79979e3c78cab55d54c3f1efa333b1bf191468
SHA512

ef7c1a41db8ec807b3e1ba5cead1bcc901e2c0d473a0dfaae4eae125e9d67898a114d51da11d96f6b4cccdd6a02a96ed0cdfb126562de330ec612bbff161224c
SSDEEP

6144:gdJ10wOamL+cu4gW3tcvLdgub2lJcTux:CP0wOamLxQW3Oh/a2u

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
824aa442ce1e9666970da10b8f79979e3c78cab55d54c3f1efa333b1bf191468

Files

824aa442ce1e9666970da10b8f79979e3c78cab55d54c3f1efa333b1bf191468
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

_.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ