Behavioral task
behavioral1
Sample
1872-64-0x0000000000400000-0x000000000043A000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1872-64-0x0000000000400000-0x000000000043A000-memory.exe
Resource
win10v2004-20220812-en
General
-
Target
1872-64-0x0000000000400000-0x000000000043A000-memory.dmp
-
Size
232KB
-
MD5
79274a89e81a224f5972536760c9d9fc
-
SHA1
7a28ed7c2acf4adc83e4ecbeb0886db3c39910a7
-
SHA256
3f892acea6ca3af8976c0f2b0a693e7db86e37648958d22f43ce1bb76dd4f2d9
-
SHA512
ba8dbfd02c809a07d3fab1d7e25f32888ee24fd66cfc6948a75f1a703a2bdd40c94375e15f9eba64398bb3894ae3043b0b13c3ed5543e02d284285e4abeb362e
-
SSDEEP
6144:64NIuNBm9dK2xgouyUCNDHbCXy7eL2j4Xs2eLGFNA/Jo+lkke:64NJBm9dK2wEDQNE2
Malware Config
Signatures
-
Agenttesla family
Files
-
1872-64-0x0000000000400000-0x000000000043A000-memory.dmp.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 206KB - Virtual size: 206KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 792B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ