agenttesla | 4d40419e1222c90b956f4e6426b9f4d322866d5bda477dd37b9279b1b3c2fb30 | Triage

Sharing

General

Target

4d40419e1222c90b956f4e6426b9f4d322866d5bda477dd37b9279b1b3c2fb30
Size

164KB
MD5

febca331b637916b2de62dd345d3d987
SHA1

6d4d8b188f21d49839a389c268beb7c583cdae5b
SHA256

4d40419e1222c90b956f4e6426b9f4d322866d5bda477dd37b9279b1b3c2fb30
SHA512

dfdc83e08921ef9138977cf2fdd81e28b95aa0b5b0ddb1a88cd4f173a41ae56bf15a720e8beb481942174bceff91238d5c94c9848addd1798708c06da56eb0db
SSDEEP

3072:NtPNEmckLi1s6JqIKf90miHoWgONoqkhAU3kvZM4H:N2Zs6cIKl0mrWgUoOky+4

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.cebc.eu
Port:
587
Username:
[email protected]
Password:
mprI?DOy1BX8
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d40419e1222c90b956f4e6426b9f4d322866d5bda477dd37b9279b1b3c2fb30

Files

4d40419e1222c90b956f4e6426b9f4d322866d5bda477dd37b9279b1b3c2fb30
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ