Behavioral task
behavioral1
Sample
744-67-0x0000000000400000-0x000000000043A000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
744-67-0x0000000000400000-0x000000000043A000-memory.exe
Resource
win10v2004-20220812-en
General
-
Target
744-67-0x0000000000400000-0x000000000043A000-memory.dmp
-
Size
232KB
-
MD5
42924abdda6cc27979f9cb06d74fe1ed
-
SHA1
97bb9a6dc26b61d8e2193e2136dbd540b131f028
-
SHA256
15e2519f7564ee0acb6f23f73132ebccc1c763c41321b05d0a8bb5039f877508
-
SHA512
b08fdbb49bf55ced2644996f5cdb8db2d5c17ed322c50e8c786e7c487f0bea05761f6b2787b9fce9a80c4afa097f822feccf0f0008d7e026ad394aa7825f35fa
-
SSDEEP
6144:yIthH5+fqXkugjUWMsJYRg1sBKZiB3BN3zmxe:yIt15+fygqm
Malware Config
Signatures
-
Agenttesla family
Files
-
744-67-0x0000000000400000-0x000000000043A000-memory.dmp.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ