General

  • Target

    888-61-0x0000000000400000-0x000000000043A000-memory.dmp

  • Size

    232KB

  • MD5

    544de5b2d3c0f97224b1fdd8038f26a2

  • SHA1

    10c6291ff1231fa67b7b08fd1f33abc2e3e8ee03

  • SHA256

    cbb80b009d129d7027ba2bc6770f792f9696b20e9f92a6a737d21d792248dace

  • SHA512

    4d050114267e88df0ab0cae6b7fba3a68f3709103e0b595e04c7f409817c7152f9c9df3537d3d2fcdab0a39d41facd1c0373168fde57b66e3fe00d7ef0437b16

  • SSDEEP

    6144:g1dhYQm9xxm4/tYtUlaVYR01MdIxsHU/exI2bQXeNnje:g1oQm9xxDebSQONn

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.lansol.com
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    @t6cIop2jJgW

Files

  • 888-61-0x0000000000400000-0x000000000043A000-memory.dmp
    .exe windows x86

