agenttesla | 1828-63-0x0000000000400000-0x000000000043A000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1828-63-0x0000000000400000-0x000000000043A000-memory.dmp
Size

232KB
MD5

d4e6d9b32e501eea1369a7576ee3b1e7
SHA1

15e6a49810bc26cb7b645b63830ba8b06465cc08
SHA256

853e2c2b55314f55f26d283ab42ffbb4b7d396ca6286a4c95fb2d6204b16f559
SHA512

30bd5f87040623376ff44bb7ac2d07c060cf876ce64f63af95ebd1a876f979f16647305af20983a5ed4b7968a83ac7f8be8cb5b111554e1bfc5abfc7fce08609
SSDEEP

6144:E3wiVNFmiRlb5kDaC0UHTyQCXy7eL2j4XsOaUyoQ8+:E3wWFmiRlb5S3f

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

1828-63-0x0000000000400000-0x000000000043A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ