agenttesla | 9ad6de4091e39f9039c6ad69c60c03a0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ad6de4091e39f9039c6ad69c60c03a0_NeikiAnalytics.exe
Size

245KB
MD5

9ad6de4091e39f9039c6ad69c60c03a0
SHA1

d8cfec91fc548568059d063eb22ca040b2c2610c
SHA256

0950f0881e56e1e5cb96ccd78e7d0034618c9341e7ff320e28bebd444a012838
SHA512

4350e2a0aa55f67d39a6b4763909cae782e571fae5cc325f52efe00499598b012c6ff1b3f3b84fdb7fe727de377798a6cb6d6da760c662a328608e3494e36f23
SSDEEP

3072:uO3Qk40QeATrlLgdJRHvrtNa/Pyb59yfdTR:uqQk40QeATrlLg7Na/Py6fN

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.greaterdoha.com
Port:
587
Username:
[email protected]
Password:
baller01baller01
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ad6de4091e39f9039c6ad69c60c03a0_NeikiAnalytics.exe

Files

9ad6de4091e39f9039c6ad69c60c03a0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ