agenttesla | 8bba04112d2fed8be99d615ab1c2659cc1d232251f54abe1c871be26bc0025e1

General

Target

8bba04112d2fed8be99d615ab1c2659cc1d232251f54abe1c871be26bc0025e1
Size

342KB
MD5

36d6f0e4e30f7097819c6fd1b8b2706e
SHA1

e387c03618d7c1caf7cbb615e977afad4485876d
SHA256

8bba04112d2fed8be99d615ab1c2659cc1d232251f54abe1c871be26bc0025e1
SHA512

12905e0efe36de056c76367000f9c0ae2d7913ff461dc0fed8be0521dafdd4f9c421b1b2df18fca2298006fe18d5ceaa30b9de6cf14069a67d86db55d571aadf
SSDEEP

6144:dvcjl0igOYmWtvqJj+imSIzGonm/20RhohQSbW0+VMnvZEDyZ67lUQZKFUCN4t5:dcjlGTtyN+dGomJAOSbWinSjRrqULP

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
webmail.unwired.com.fj
Port:
587
Username:
[email protected]
Password:
S@ndy123
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/market.exe
unpack001/marketteaching.exe

Files

8bba04112d2fed8be99d615ab1c2659cc1d232251f54abe1c871be26bc0025e1
.zip
market.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
marketteaching.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 281KB - Virtual size: 280KB

.rsrc Size: 74KB - Virtual size: 73KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 242KB - Virtual size: 241KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 74KB - Virtual size: 73KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 242KB - Virtual size: 241KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B