agenttesla | f5ecf9f0cdbfa50ead40d83b1865baf67578da1d22e65ff92adeed8967067c9e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5ecf9f0cdbfa50ead40d83b1865baf67578da1d22e65ff92adeed8967067c9e
Size

233KB
MD5

1481a60817383014803ff83abb0c8fa8
SHA1

8a7f7927603207063d12bc25153dfb29d5a41542
SHA256

f5ecf9f0cdbfa50ead40d83b1865baf67578da1d22e65ff92adeed8967067c9e
SHA512

6649867d59a6432613cb86fc2e5660645ee500e9a1c6c552a602f0de8838b666d59be9dad22bb69b27bca3e2a8aa6712899bfad2c5fe20bb9dcd3fdfd0fc4d00
SSDEEP

3072:9kNzplR1Zc6WXQ7ib/WAH7boLTBoyDnad5rWQ7cslA:6NzplR1ZTWXQ7ib/14TGyDnaTWWcs

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.technique.net.au
Port:
587
Username:
[email protected]
Password:
Business@2222
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5ecf9f0cdbfa50ead40d83b1865baf67578da1d22e65ff92adeed8967067c9e

Files

f5ecf9f0cdbfa50ead40d83b1865baf67578da1d22e65ff92adeed8967067c9e
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ