agenttesla | bfcd9f3ba966a1a0294bf2a4bc995779bef3d53cf0895b7d511e56532353d410 | Triage

Sharing

General

Target

bfcd9f3ba966a1a0294bf2a4bc995779bef3d53cf0895b7d511e56532353d410
Size

216KB
MD5

ffc1d3b8526ea05c8f484f5d4c869acf
SHA1

fd443b5b36b20f865ab92408810088e42e26e404
SHA256

bfcd9f3ba966a1a0294bf2a4bc995779bef3d53cf0895b7d511e56532353d410
SHA512

2729b373fe7030ec8c02b7a237f9c55b11046676374bd0ba57ccb782e483dcc51e30faae63b8c24e69c4d48ece9e12b91a8f80b4709f8538f9e50c3048d8cf1b
SSDEEP

6144:4OVnwlixvUjmlkeLYUSuHXWNuqH9nTQ7PHxq:9nRxC89hXBqHirH

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.bensonautomobleglass.com
Port:
587
Username:
[email protected]
Password:
cjl@B!iw71@I

Signatures

AgentTesla payload 1 IoCs

resource	yara_rule
sample	family_agenttesla

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfcd9f3ba966a1a0294bf2a4bc995779bef3d53cf0895b7d511e56532353d410

Files

bfcd9f3ba966a1a0294bf2a4bc995779bef3d53cf0895b7d511e56532353d410
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ