agenttesla | 9fece1f1dd148edf313f8c2ab21d9a7551025b41e07024a75feb8dfee9b90315 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9fece1f1dd148edf313f8c2ab21d9a7551025b41e07024a75feb8dfee9b90315
Size

236KB
MD5

e7da454a7dbc0aacb0d74465026a72cb
SHA1

cc19d85c85bb959e7b2f2a5054a4aca21c661e6f
SHA256

9fece1f1dd148edf313f8c2ab21d9a7551025b41e07024a75feb8dfee9b90315
SHA512

412cc07aa503f5ce86089f02b3c1dc560e1d9be671601a4d012d36859d411d84a21087ff8e006e6f10e94efa2662a00cdf86e0cb9161d30b23ddf0c0b5d535d3
SSDEEP

3072:mvdh07gvxiDMkkkUksjbTIDh+EtxYFdf+D0N5YlbWPB:m07gvxiDMkkkUksjbTIDEEvYf+D0sb+

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.hillcountryintegrativemedicine.com
Port:
587
Username:
[email protected]
Password:
Wweber!
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fece1f1dd148edf313f8c2ab21d9a7551025b41e07024a75feb8dfee9b90315

Files

9fece1f1dd148edf313f8c2ab21d9a7551025b41e07024a75feb8dfee9b90315
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ