agenttesla | 936-56-0x0000000000400000-0x000000000043A000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

936-56-0x0000000000400000-0x000000000043A000-memory.dmp
Size

232KB
MD5

5215b857d01d010a1a4eacf817a02ea8
SHA1

72333a6e58bc4f1c3e75a9b3b1c1ee88141d0e06
SHA256

9d3c68f205f75149ff675379911ed6f90a5d81e89c4764f795bf8fe96ab6e370
SHA512

4817db103d7d498820505a17437cef488efe4ec0efc6606462cef29d771424bac2b9dfbfedb85bedb16168e8e3c4768b59087d098146f56de356e0dda59bda66
SSDEEP

6144:NuqLeEhYaHqc80go1dGUfeR01MdIxsHU/SDb8IhHz0fqwe:NuXEhYaHyv0doPhTF

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

936-56-0x0000000000400000-0x000000000043A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ