General
-
Target
4499077fe4f2c56b509836c30fb2dfc9410d73b0767bbbf88696ca941df6a623
-
Size
165KB
-
MD5
1990b2894ddc5c880fd0719698058001
-
SHA1
9fc799bbb24905e466ef2a115cd8c0a7a18e2382
-
SHA256
4499077fe4f2c56b509836c30fb2dfc9410d73b0767bbbf88696ca941df6a623
-
SHA512
0b03bf5b687c1b7e93ae8fd85c462b37f1110540284c070b214b384e875bd6d555f38af70c8f86e5414d7eecaf9a8e09ff9967d83fbecd7ec7e1aea61b84e0f3
-
SSDEEP
3072:tCyLGlHofRs5w0/KuqXlCjV/TXrhaUx4oZENGzhOpgl:pMl/KlCNgUzZEMV0g
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: smtp- Host:
server327.web-hosting.com - Port:
587 - Username:
[email protected] - Password:
3L3lvqtPESC3 - Email To:
[email protected]
Signatures
-
Agenttesla family
-
Detect packed .NET executables. Mostly AgentTeslaV4. 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4499077fe4f2c56b509836c30fb2dfc9410d73b0767bbbf88696ca941df6a623
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections