agenttesla | 1792-71-0x0000000000400000-0x000000000043A000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1792-71-0x0000000000400000-0x000000000043A000-memory.dmp
Size

232KB
MD5

c02a79d406bd1d17e0f10141a84b7337
SHA1

1cb4e4f34e7813b00d2e032b6fb7e833cf2c897f
SHA256

4dbae7c6025efe2bb6818b78875acb26762da9e8f11cd38beacec5b66dd0cdb8
SHA512

73b6c10723634c8e7e881cf003c68a0a7c943a92f4ab467687a5e4af8e88ec05f0e5bd0b5a27143bb5016ccd88dc00fb55f545004d2278f23f6376d296d101cc
SSDEEP

6144:iO63GbFES2oNfG3HUMNWUmtIgWCXy7eL2j4XssRWkok7THBcx9Ae:iOTbFES2c60gbCZ7TS

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

1792-71-0x0000000000400000-0x000000000043A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ