agenttesla | c5b361e09b7cded648fa6e672873936e572f9e9de67b8b3a6fb449736192b0f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c5b361e09b7cded648fa6e672873936e572f9e9de67b8b3a6fb449736192b0f3
Size

165KB
MD5

c393986feee8d7aeaf851b8a25597fb9
SHA1

7af1716a6176b46045f7fc1f725106cc4324c42e
SHA256

c5b361e09b7cded648fa6e672873936e572f9e9de67b8b3a6fb449736192b0f3
SHA512

8ff13a582c9258c36f87e0b85a90f7cdbb3490f73ac259e785ae811c9dfe20d04cc8d7eb6d55e9d64e2d9b54aca1beea01d4094171f6d208f66096eac0927cf5
SSDEEP

3072:mXYQZIsry0/KGqLLq7tjuUDvlW/xnWN/9Y:MIsViuT7lW/lI/9

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
webmail.stonetextilecmt.com
Port:
587
Username:
[email protected]
Password:
}BRrYQudL&G+
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5b361e09b7cded648fa6e672873936e572f9e9de67b8b3a6fb449736192b0f3

Files

c5b361e09b7cded648fa6e672873936e572f9e9de67b8b3a6fb449736192b0f3
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ