agenttesla | 051059e250e06b6e5f1914192fee52813acd0391a87cf646de9a781d4f718813 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

051059e250e06b6e5f1914192fee52813acd0391a87cf646de9a781d4f718813
Size

237KB
MD5

c79c1e4b40962dc3c05d9c2ce73e2491
SHA1

d2cc70f3bad67d1f4ccb0e71a9b6b87b32d40c1a
SHA256

051059e250e06b6e5f1914192fee52813acd0391a87cf646de9a781d4f718813
SHA512

4ffd017ca8ab53bc47b5869d5d2e65891e8b84d1ac3ef35d4048d0c45fa5eb927a40adafd1f08da79a23f013e3c9fc0df5291050c2daacadb2abbcf46467e08f
SSDEEP

3072:p2CO+2umuvx+v7eSiWfnByNPgftA8A5gu+0/g6cLi5kAIE4R0:p2T+2umuvx+DeEfgNIFj5O/+qIJR

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
[email protected]
Password:
N@DRpoY0
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
051059e250e06b6e5f1914192fee52813acd0391a87cf646de9a781d4f718813

Files

051059e250e06b6e5f1914192fee52813acd0391a87cf646de9a781d4f718813
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ