agenttesla | 400000[.]New order 07G23KHJ[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

400000.New order 07G23KHJ.bin
Size

238KB
MD5

3d74b731a9fd0acb05187baae7f0c186
SHA1

f6b77064ed5220b8d6e1e051c145574aeb8dcb71
SHA256

7d50eb1fad89f4ebf7f5aa8c1b956e13b19ccf67b17007d97c5f5ae382d44f56
SHA512

078d935ecb45ca5b19294a89c5b5b65692e1b404f4277661aeb36dd6905bba81932767d90439b9a5df149972419ec70646bbca8b799224ac67507431c1395fea
SSDEEP

1536:vm1YN1nmCpCL4NIW/0UWLPK6k78adEbuKzSFgPKorreGP/n3DN7cxqt5QOFnxMOk:vNBusIU0PKqb7K8PFcxk5QOFSXbKc

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.absbldg.com
Port:
587
Username:
[email protected]
Password:
7Hudauff
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
400000.New order 07G23KHJ.bin

Files

400000.New order 07G23KHJ.bin
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ