agenttesla | 848738625871a5fcafad544d459004a87c50a2c41fee03d5e58d1228792dc64d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

848738625871a5fcafad544d459004a87c50a2c41fee03d5e58d1228792dc64d
Size

247KB
MD5

3da0cb5913a59d074e57280c7c9ca3b5
SHA1

b9115e0f319752ef2c02ac8f721faa4711374583
SHA256

848738625871a5fcafad544d459004a87c50a2c41fee03d5e58d1228792dc64d
SHA512

aeda31b2ee813ec3ee0b08010797b72f34137b36802d1b204d726f337724f62fd774f972f4cc65992c83c71028c7cc3c9a575cf8deeeae7b0ac3df612e30c2f5
SSDEEP

3072:N1a+oxTjLrDoFzTBITRfPdpcG4G9mS+6mCfatPu+5EVtZDDgoX9:N1a7TjLrDazTBIld+lC22htl

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.avtorska.com.mk
Port:
587
Username:
[email protected]
Password:
avtorska2014@
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
848738625871a5fcafad544d459004a87c50a2c41fee03d5e58d1228792dc64d

Files

848738625871a5fcafad544d459004a87c50a2c41fee03d5e58d1228792dc64d
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ