agenttesla | 7b6867606027bfca492f95e2197a3571d3332d59b65e1850cb20aa6854486b41 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b6867606027bfca492f95e2197a3571d3332d59b65e1850cb20aa6854486b41
Size

243KB
MD5

6999d02aa08b56efe8b2dbbd6fdc9a78
SHA1

a7d8d30afe72fa196001fc89b4e043748b439207
SHA256

7b6867606027bfca492f95e2197a3571d3332d59b65e1850cb20aa6854486b41
SHA512

1ae7dbccb63a7589ba01fc3e0bc500e4c27d7d6da73db4c981aff4d4997df19137a38472b45f85ce0ac72e847bc6e76663fb97cdedc5c76ad12e8dab2e0f706e
SSDEEP

3072:S+ewQWa+qm+HPJJOPNIcn8rvxCncAaaLcG5CuhL9R9m:fewQWa+qm+HPJJFtCnfaKcJSL/

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.termopane-calarasi.ro
Port:
587
Username:
[email protected]
Password:
Termopan1977
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b6867606027bfca492f95e2197a3571d3332d59b65e1850cb20aa6854486b41

Files

7b6867606027bfca492f95e2197a3571d3332d59b65e1850cb20aa6854486b41
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ