agenttesla | e3ae0b688e25bc40f562a061eddaa213a70cbd50e611a22f64ebe53b1c5654a0 | Triage

Sharing

General

Target

e3ae0b688e25bc40f562a061eddaa213a70cbd50e611a22f64ebe53b1c5654a0
Size

237KB
MD5

ec97a48ee0abc799ad5d41dc2d31a392
SHA1

05c0f986b40d7629e93d454f0c1ff534a761a1b5
SHA256

e3ae0b688e25bc40f562a061eddaa213a70cbd50e611a22f64ebe53b1c5654a0
SHA512

cc872f24f608d50d7e7c9425ad0045d914f720a8e46993ae305596dc1d2375236cfc4adcb0c9de6efb2b784e404b2ced318ff03527f8922c1054dc45b154ba26
SSDEEP

3072:675thIuW+ml1HvXHDNv2OuAY/HYQWczuK25hSJWV8+K:67NIuW+mllvXHBvdwKcDVJx+

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.daseragt.com
Port:
587
Username:
[email protected]
Password:
ujqqPd6bofwI
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e3ae0b688e25bc40f562a061eddaa213a70cbd50e611a22f64ebe53b1c5654a0

Files

e3ae0b688e25bc40f562a061eddaa213a70cbd50e611a22f64ebe53b1c5654a0
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ