agenttesla | 5711154a5a3b1fddef167b688eb44716d120b1b6a21d67449bf49d77ce33059e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5711154a5a3b1fddef167b688eb44716d120b1b6a21d67449bf49d77ce33059e
Size

239KB
MD5

7778bbeacc8add7df3996267fc83ece5
SHA1

0aab0f274c4e262a49109f4cd3c53580678b2fc1
SHA256

5711154a5a3b1fddef167b688eb44716d120b1b6a21d67449bf49d77ce33059e
SHA512

14eccff71e0671cb05a96bdb1fe2a0f3f7724923661955b0e4153afc1682b721b3c623afab3816e812fe13d19cceab93651be55aa5a2f961f695f097607dfbe7
SSDEEP

3072:xGi/GyWKWNGnsYpO7jtzaZKklU1wbMUkej0ij5O6LyGPT:bGyWKWNGPpuAUwbBkg0iFLZ

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.jeepcommerce.rs
Port:
21
Username:
[email protected]
Password:
QtU[bF0Zo#+M

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5711154a5a3b1fddef167b688eb44716d120b1b6a21d67449bf49d77ce33059e

Files

5711154a5a3b1fddef167b688eb44716d120b1b6a21d67449bf49d77ce33059e
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ