agenttesla | de1aec9b474fa17f486f86f9c0948f6c9e20601bbfede93e5e4cf6a8aa377fdb[.]exe | Triage

Sharing

General

Target

de1aec9b474fa17f486f86f9c0948f6c9e20601bbfede93e5e4cf6a8aa377fdb.exe
Size

245KB
MD5

9f01cf3444637c748f649b440b20298a
SHA1

821f40ece156fdb4c87230b3d10b5a49fd364919
SHA256

de1aec9b474fa17f486f86f9c0948f6c9e20601bbfede93e5e4cf6a8aa377fdb
SHA512

bceeb995c51f22925604bd73024ab9fe3141c4a6f7a4c8c76edbbba1a087a20c94918c6e2e7c03326193ce5533075a084d0c9d314271f6c35a3f8271ddd40fe7
SSDEEP

3072:y9HzfrPTGNqwfFQNgORJ2Aruasr4tC70bA554l/CFa1:ylzfrPTGNqwfFQNgYOeCAA6/A

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.rvm.rs
Port:
587
Username:
[email protected]
Password:
rgW$rL,d@dc!
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de1aec9b474fa17f486f86f9c0948f6c9e20601bbfede93e5e4cf6a8aa377fdb.exe

Files

de1aec9b474fa17f486f86f9c0948f6c9e20601bbfede93e5e4cf6a8aa377fdb.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ