agenttesla | 2024-63-0x0000000000400000-0x000000000043A000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-63-0x0000000000400000-0x000000000043A000-memory.dmp
Size

232KB
MD5

9c8ca9e8400d3c6d3512606b73a18fe8
SHA1

c797f407fb1a4947674d9eba240b5dfa6bf8cf16
SHA256

ff21279604680800406f189ed0854df1c537fadf8ed404b4356f2c9c9f79d361
SHA512

89c26e41da20247eb737926ced0b03375d617ba61aa72d72d67f88369c073ffcfc92453b9ada271474e1be6f23ad9c8afa59236e90cb513d303de6ccc8c463da
SSDEEP

6144:J+6qF5yTKpItGxUOCXtIt0REZcnYz9ZWIRSDxqWbs:J+6qjI2YxB

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

2024-63-0x0000000000400000-0x000000000043A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ