agenttesla | 2028-66-0x0000000000400000-0x000000000043A000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2028-66-0x0000000000400000-0x000000000043A000-memory.dmp
Size

232KB
MD5

7f0e1dbe9190d16f6865cc2e7f657722
SHA1

c1f41457855f8fc466ca0b03f76fc413f3dc0d59
SHA256

7c68987f9a7baa67bffb5e34431e87cbc8fdbbedb1453b3c0485458c55008060
SHA512

3171834321a71e6ee71d26cd807db99c428b365a0e69d9cbc3331d02b8f712613007da4eb4c3663af462d6ccf6d5469ca31e165cbadf6562e33da0ec17c0f81d
SSDEEP

6144:/3XBcfFCFEa9mQf8mUylUwwYrlsCXy7eL2j4XsH7U3UgpHe:/3XkFCFEa9mT/y/lRF

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

2028-66-0x0000000000400000-0x000000000043A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ