agenttesla | c34c0169eb861d1da746e767798fa36674a1c96f925930fdd88e91d86c6b74ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c34c0169eb861d1da746e767798fa36674a1c96f925930fdd88e91d86c6b74ae
Size

167KB
MD5

b0ddec8f41afe0d9362947e92b86f6fd
SHA1

af80947650c52aea8da8bd90ddac73dbb387c61e
SHA256

c34c0169eb861d1da746e767798fa36674a1c96f925930fdd88e91d86c6b74ae
SHA512

a17296d4b874b794329259b1be2feb107de04dda8655c24599c82ef895df2efecf5074054b53697e562d2a5c1f242436646716839feb38387a434d2354d03210
SSDEEP

3072:KgpAIaAT/660w19An+gRCLnY5TABgth+5IpbHF:NaAT/6c9A+YC8KythL

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.tapiaamerica.com
Port:
587
Username:
[email protected]
Password:
Censored12
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c34c0169eb861d1da746e767798fa36674a1c96f925930fdd88e91d86c6b74ae

Files

c34c0169eb861d1da746e767798fa36674a1c96f925930fdd88e91d86c6b74ae
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ