agenttesla | 5bac3eb3f3d0fc356fa6025d59b45f253ae2b08ab27e840322c9b8d84bac0907 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bac3eb3f3d0fc356fa6025d59b45f253ae2b08ab27e840322c9b8d84bac0907
Size

237KB
MD5

2f05f9fcdc4ef8a63a2b24869c714ee1
SHA1

1d0729d63e7ef7454997d5c20c4d8631e9a9a869
SHA256

5bac3eb3f3d0fc356fa6025d59b45f253ae2b08ab27e840322c9b8d84bac0907
SHA512

5d05f44e8379b0155e44ad1e2188084eba69dee82cb7da256cef7a8f36fc89cea8df2933438a89fc8fb6a11c385c63feda798c2280126718f4d32ef4a28d0930
SSDEEP

3072:FTb+06yayKeAK9/vvs0ijEeYyp3xl2XgwOqKKa3QHk5UNNFytjP:hb6yayKeAKB52dhleKKaAHXFS

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.cxtopy.top
Port:
587
Username:
[email protected]
Password:
xD[cB(Qr33#+
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bac3eb3f3d0fc356fa6025d59b45f253ae2b08ab27e840322c9b8d84bac0907

Files

5bac3eb3f3d0fc356fa6025d59b45f253ae2b08ab27e840322c9b8d84bac0907
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ