agenttesla | a1a4560d1aa7814cc94176fed1fd3836df78224fd7129b782a3a0b3014997082 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1a4560d1aa7814cc94176fed1fd3836df78224fd7129b782a3a0b3014997082
Size

245KB
MD5

d0b098dc7d827774d7773a8d1a060e26
SHA1

6cdd5198bbe7737315c723d86441d64951a145df
SHA256

a1a4560d1aa7814cc94176fed1fd3836df78224fd7129b782a3a0b3014997082
SHA512

8d525b5b56d58beec51d834c8e65474ad7d2bc8662bcd244663f782e1271415a1c33e1f4f258e1c79c881add0f2548df4e5de4153e232940f001d6ed0874948e
SSDEEP

3072:aQidoxpZRBEhKruWZw8TxkAZN5Ghy5lm0c:atdoxpZRBEhKruDvAZsyO

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.afanew.cl
Port:
587
Username:
[email protected]
Password:
=z${951xIh=a
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1a4560d1aa7814cc94176fed1fd3836df78224fd7129b782a3a0b3014997082

Files

a1a4560d1aa7814cc94176fed1fd3836df78224fd7129b782a3a0b3014997082
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ