agenttesla | 0x000a00000001230a-82[.]dat | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0x000a00000001230a-82.dat
Size

168KB
MD5

3d4e1ba5dff5595ef8e0d54a27f14099
SHA1

9abecbe019c452afbe02bca27c013586746971df
SHA256

14b654ba9d68e4a0ad8293a359dc4c382899cebf246ae7e6504d21e54437c009
SHA512

1d4e7c97d7d5ad618dd9459d486eee2768edc426659b66d4ef63dd2e065637313fb55c0ed273df14e56ea8facff1462ab1649c0aeeac454f359ba70357df8026
SSDEEP

3072:senGmFeVCZ+M9GCvVenvhbnXCTPPncJIRCNhQn/nBUFsqhg8EFyoGFVks5g:HGmF2CZ+M9GCvVenv9yTPTCHPsq68E4f

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mucahitaytekin.com
Port:
587
Username:
[email protected]
Password:
Oseototo@1010@2
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0x000a00000001230a-82.dat

Files

0x000a00000001230a-82.dat
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ