agenttesla | 980-60-0x0000000000400000-0x000000000043A000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

980-60-0x0000000000400000-0x000000000043A000-memory.dmp
Size

232KB
MD5

59a202e32cbb133df1b871bbef4bae69
SHA1

3164cf26520397ce47ebed0cfaf97d21f5e5d08b
SHA256

e1ff4a8a06cdb1474541b30bbe76dfc087e91e7387ca50531320ee1c6c72e919
SHA512

5188f8f906e3dbf790147e3e07ca31011a0b243612ca33f439915bf43d1d66186ad5dbb9a7ced0c6ba35db08cdc550aebc86538ebb6de45470e6a3e2cf3f5eb5
SSDEEP

6144:gMJxpZdS/YMpzWSMqUhLKJU86vBCXy7eL2j4Xsq4G3861nF0ne:gMhZdS/YMpzErIKr61a

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

980-60-0x0000000000400000-0x000000000043A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ