agenttesla | b6a34ed44e6d370ddae29ace8976ea106e934bd1a8426df670f636816ad62eb0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6a34ed44e6d370ddae29ace8976ea106e934bd1a8426df670f636816ad62eb0
Size

247KB
MD5

3831450b37e4fe39e4ab299319972c59
SHA1

2f2547870da524a73a0d7d1e82c84e360fb9cfca
SHA256

b6a34ed44e6d370ddae29ace8976ea106e934bd1a8426df670f636816ad62eb0
SHA512

50487231d4f4af5dd5c28101a360645ecf5eda4c6d98251e315e5fc913e08ee4e87de3e0fb3c3476cbcb9f68b236339ffd9d2a72f6aee319fa0a6f5df4f46082
SSDEEP

3072:1LrOBNkY+ZNjHDXWozVkFc4n+3zz2jd+57S5pNC3FAqub:ZYkrZNjHDXWoxkhnozEs7Sg3KqC

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mymobileorder.com
Port:
587
Username:
[email protected]
Password:
Grace@20233
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6a34ed44e6d370ddae29ace8976ea106e934bd1a8426df670f636816ad62eb0

Files

b6a34ed44e6d370ddae29ace8976ea106e934bd1a8426df670f636816ad62eb0
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 240KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ccc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ