agenttesla | 3094e5f556a928f12da28c70e1eb032e356334382316ddfeac73f6ba84f11e36[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3094e5f556a928f12da28c70e1eb032e356334382316ddfeac73f6ba84f11e36.exe
Size

236KB
MD5

a295b18a0e1e2cab73d6f085b0f15a87
SHA1

0bf386b0b05e4b3befeaa96df36fbb1cfdbb1494
SHA256

3094e5f556a928f12da28c70e1eb032e356334382316ddfeac73f6ba84f11e36
SHA512

5d4f3e230aeb4e63063a651986d7f375059545cbe1994692e92c0eb16408f8787c7627888d8439c941260ac901948a76ec1157a69eec5325157638b27a6dbcb6
SSDEEP

6144:tSgPZesxT0kkE0PVgW0bxcA0grGhH+5Id:XPZesxT0kkE0PVgt2grGh

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.clslk.com
Port:
587
Username:
[email protected]
Password:
NUZRATHinam1978
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3094e5f556a928f12da28c70e1eb032e356334382316ddfeac73f6ba84f11e36.exe

Files

3094e5f556a928f12da28c70e1eb032e356334382316ddfeac73f6ba84f11e36.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ