agenttesla | 700a3f6f385fa35265fce9d83c27eaa36c342cfe3561b5ddfbd484d526fa9c67 | Triage

Sharing

General

Target

700a3f6f385fa35265fce9d83c27eaa36c342cfe3561b5ddfbd484d526fa9c67
Size

235KB
MD5

0d86f78e0890d8354c0a699d455d40a5
SHA1

65ef0598861717cd5388c7cd727369ba37474e91
SHA256

700a3f6f385fa35265fce9d83c27eaa36c342cfe3561b5ddfbd484d526fa9c67
SHA512

9619e022530bd8d272f4afb70071d7daadec097bfea2d25834c9bdd01bbcb5fe5b794fd07d7e62e4bde3a6d8afceb4739491573b4808461bb0dcb678381383ff
SSDEEP

3072:WK78YEY/UE6gBDTt/ZL5hPUJkkxRd85N6GofVkj+:/78YEY/UE6gl79pqZrdpGo9

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.hotelroyal.com.pl
Port:
587
Username:
[email protected]
Password:
W0xw6jA.Hdr3
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
700a3f6f385fa35265fce9d83c27eaa36c342cfe3561b5ddfbd484d526fa9c67

Files

700a3f6f385fa35265fce9d83c27eaa36c342cfe3561b5ddfbd484d526fa9c67
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ