agenttesla | 8414280e7bc6df6b501899457d3d102ef0bca96f3df6f78e20d207d96bd70406 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8414280e7bc6df6b501899457d3d102ef0bca96f3df6f78e20d207d96bd70406
Size

160KB
MD5

c56d831670f4394248e9ff4e6fccd3f6
SHA1

2df2a153a76756d4d70759f46231c08bb55c5df5
SHA256

8414280e7bc6df6b501899457d3d102ef0bca96f3df6f78e20d207d96bd70406
SHA512

29913532353b21e4ab7dec0ddb45a3457025b0ee8dc7abb63f2938a9e9a96440300bb12bab25dcfb14051d27ab41e86285845a48d98615b36b7010e6753e4f31
SSDEEP

3072:eEpxsL8yT9YMGryHz2UZ7dKTVGNB/1m1Y3QNHqQ0NvZNPTZ7YN:eEcYMyyHz2UZqMD/1m1Y3QNKQmvZdT

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
madrid.servershost.net
Port:
587
Username:
[email protected]
Password:
Goodplace1@1

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8414280e7bc6df6b501899457d3d102ef0bca96f3df6f78e20d207d96bd70406

Files

8414280e7bc6df6b501899457d3d102ef0bca96f3df6f78e20d207d96bd70406
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ