agenttesla | MT 103[.]exe | Triage

Sharing

General

Target

MT 103.exe
Size

234KB
MD5

ee0c4eaa435374aef1f1b7f6d7d5cc6e
SHA1

47abec4753b1c3b39f7d3df3543a49304015c80c
SHA256

40743b001668c1a8708544096f52b84c250f3c99c982d9abeb8d3a7207d4f90d
SHA512

98b3d422c4302e372b61971f58bf5c59f2d7ce248cbb8a3970f83451b0bd73287a3e83dcfde943de88891bbcbbb6e0bd7fb32d1b760aa8472f861cb2ec4144d8
SSDEEP

3072:IbEmieCmoVbGqUbsHtUvrfibc2hde5sjLrc/:IbEmieCmoVbGqUbswrL2THLA

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.mansahbrothers.com
Port:
587
Username:
[email protected]
Password:
hl*Dxzo2
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MT 103.exe

Files

MT 103.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ