agenttesla | bed5b176d282600f1633e9e953801387f49462887b140cf7ae3ad97b05cb2ffe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bed5b176d282600f1633e9e953801387f49462887b140cf7ae3ad97b05cb2ffe
Size

235KB
MD5

a5932bd8dc868cdc72870fa6f7b11efa
SHA1

b8950cf1203b9f12403e8090d24242153d95748e
SHA256

bed5b176d282600f1633e9e953801387f49462887b140cf7ae3ad97b05cb2ffe
SHA512

c41bafdac649d0a0502e752ac16c3963ef1409c31d1efbaa2a46ee77df00325aa01c3d672ef14ae5a198663eea35d1f22cb484e2fa176d9e14d5279da9fb63bd
SSDEEP

3072:xa3egwY8T0k4rOdEwiJlkOVsQyXpgmps5jLCsMvo:xa4Y84k4rOewiJlF6pgkGCs0

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.dcdanismanlik.com.tr
Port:
587
Username:
[email protected]
Password:
dc2023%daN%
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bed5b176d282600f1633e9e953801387f49462887b140cf7ae3ad97b05cb2ffe

Files

bed5b176d282600f1633e9e953801387f49462887b140cf7ae3ad97b05cb2ffe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ