agenttesla | 038694115d2210f2233b796ea150c20052d2747fb892bf55c7b9e0f60e78f7c6 | Triage

Sharing

General

Target

038694115d2210f2233b796ea150c20052d2747fb892bf55c7b9e0f60e78f7c6
Size

304KB
MD5

66e64bd9491c6c515906825de58816fe
SHA1

b1277ae07e8af6a6edb04e560b62e29aaac080bb
SHA256

038694115d2210f2233b796ea150c20052d2747fb892bf55c7b9e0f60e78f7c6
SHA512

6e3ded4ae0ed6e7c3a3fa4d20ea239177d5906a58be5f5cafce30e3c8813a7a2d15bbe9f2968efe3d3fd56aed182b82f7efaca1b5e1342e7ee04e8694035d996
SSDEEP

6144:muSOqWqOabTSZ8S5mUPJYtGdcrVUmgTqPOldP+zKg3e:LJqWqOa/a5dJEAqWYK

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.thelamalab.com
Port:
587
Username:
[email protected]
Password:
Thel@malab@20!9
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
038694115d2210f2233b796ea150c20052d2747fb892bf55c7b9e0f60e78f7c6

Files

038694115d2210f2233b796ea150c20052d2747fb892bf55c7b9e0f60e78f7c6
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ