agenttesla | 5b1fc240e173664088deafe3556ce6b461e2dcc57bfe27716ebf523e79177b3c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b1fc240e173664088deafe3556ce6b461e2dcc57bfe27716ebf523e79177b3c
Size

236KB
MD5

66937c201c5fce1f55a7eff253095a6c
SHA1

1758e7874e130c87ad05381d117b6f871f79094b
SHA256

5b1fc240e173664088deafe3556ce6b461e2dcc57bfe27716ebf523e79177b3c
SHA512

e558d093703d93c7579100e5a0f4ae7b6a340b65ec596a35639256ef045be39571178ebb9f3e246c413d0909e2844877ca845465616bea3e9a05de3b7a2a5985
SSDEEP

6144:FjaqH8hnz+d+kk0k4d5Xw7IBLEZ4RtTV1h:xH8hnz+kkk0kW5kZ4/

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.amtechcards.com
Port:
587
Username:
[email protected]
Password:
]i[a(tUWlmp%
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1fc240e173664088deafe3556ce6b461e2dcc57bfe27716ebf523e79177b3c

Files

5b1fc240e173664088deafe3556ce6b461e2dcc57bfe27716ebf523e79177b3c
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ