agenttesla | tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

216KB
MD5

afecc0bc673bad6eda0508226de0b4dc
SHA1

962c21b819d3a3976501e20620e2bf3647cc0d9c
SHA256

434ceb37733515cb89a7da351d878b03b3286876c67222f4fba2900a124d79fa
SHA512

aad57c1777adb32be425adcd5f0d0152e8f70251cfb00fb3d03f295d1b24be4a41ee3ec82833b6ddb8c52120f731ed2d94a0a33a9f9eb850a734fa01aad9b789
SSDEEP

3072:49WJMu5mIOdcI73I3Wh3hUianGJCA+oQO9KXRReWbTN7Hzq00nklCPClihtaJfh:4/uY39/U8sAuiqy0OkUJXa

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.qoldreel.com
Port:
587
Username:
[email protected]
Password:
S#*w$!I8

Signatures

AgentTesla payload 1 IoCs

resource	yara_rule
sample	family_agenttesla

Agenttesla family
agenttesla

Files

tmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ