agenttesla | 9d5fc3ca539091503a2b58ab2b3aa68c736adf4819ff8183e7d06a6c4133d99f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d5fc3ca539091503a2b58ab2b3aa68c736adf4819ff8183e7d06a6c4133d99f
Size

218KB
MD5

72e358b08504b39916fb6d2ddc5edd3e
SHA1

e8ef80c8f7388e5b65046dae79ff86fef188d2a0
SHA256

9d5fc3ca539091503a2b58ab2b3aa68c736adf4819ff8183e7d06a6c4133d99f
SHA512

a747e91e5a0f87b26e9b0b5fcdc25dd49532576a62fa9a6e2237dc1a3526c47a12a2323ae292ca43509c4026cbbbad36a52b9ffb6c7df5112776f34c876641af
SSDEEP

3072:Y32D8C7vpeHHKZJRHp1HGiisHUsIpWOYbFnSBHaYEXJ4hQdnBQ9Mjof6r2/4GU:Y+Xe0pMgUvsOlHaYezBQmkyry4G

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.biateknos.com
Port:
587
Username:
[email protected]
Password:
biateknossutinah
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d5fc3ca539091503a2b58ab2b3aa68c736adf4819ff8183e7d06a6c4133d99f

Files

9d5fc3ca539091503a2b58ab2b3aa68c736adf4819ff8183e7d06a6c4133d99f
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ