agenttesla | 83248fc14c5704eec0974b7435faf39b83538beeab9ef59a95510243e7fd6e8c | Triage

Sharing

General

Target

83248fc14c5704eec0974b7435faf39b83538beeab9ef59a95510243e7fd6e8c
Size

238KB
MD5

220a2eebd0da4c317d3a2e579f26c739
SHA1

17dc62e469e40c211bac88bed2cfa208e947bef3
SHA256

83248fc14c5704eec0974b7435faf39b83538beeab9ef59a95510243e7fd6e8c
SHA512

072b8af577c48dd383a451f3bccd7b8150a97347382f2e415b3ae8e30e4c233f57f8266ae897369199527069884850d333d8c722a5ca95123178ec898ab3512f
SSDEEP

3072:R/9RhCU3anFLqMblcN6bm1RsJ+AI9FP1qymE9/mis1kWm:R1RsU3anFLqMblcNcm1VJ9FwymE9u

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
euenarji.com
Port:
587
Username:
[email protected]
Password:
cooldown2013
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83248fc14c5704eec0974b7435faf39b83538beeab9ef59a95510243e7fd6e8c

Files

83248fc14c5704eec0974b7435faf39b83538beeab9ef59a95510243e7fd6e8c
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ