agenttesla | -7500,00[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

-7500,00.exe
Size

234KB
MD5

db6d215b0345ecf428ba32ba2840742a
SHA1

9ea164e7375ab9475f420b0212a296ec28946df4
SHA256

d01af726ff8eac7b739ef08e2c7588e96c31d9e467111f243f320efc7bb7e537
SHA512

a097c03028a053cf69e5b6bd8ef8b1b8f8193bd392d5f6073b84d6c7556bcbe5f43f0ac53de01587f61b26d2939367a35154f8d2594f48e217fbcacd40002a2f
SSDEEP

3072:K2eymieCP6nxbZ5r4zDitPlv02B+55wXzd6c45:K2eymieCP6nxbZJ4niz02kczdS

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.grupobdb.com
Port:
587
Username:
[email protected]
Password:
hyt@53
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
-7500,00.exe

Files

-7500,00.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ