agenttesla | 1064-69-0x00000000003A0000-0x00000000003DC000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1064-69-0x00000000003A0000-0x00000000003DC000-memory.dmp
Size

240KB
MD5

653ecd288fb5448f59dec89bde83924c
SHA1

8c64fd60d371e5e9ab9673e76036886f91418621
SHA256

84d36c9c1e23c12a885c5cd3bf5e22d9b4fdaf3955b4559958fc9cd320e511d8
SHA512

a96c6cbf6d83000517d6175ce53d6cf990765ded2270bd42f371883d7d09610cbe7442c071cc42354b3a261bce05b85c8395dffb12bbe2deb9234f8637b0314e
SSDEEP

6144:xryCB2GFfXUI/N5y3noRIM16Zt3jI/QXKrgWT:5hVFfb3IMA16QKT

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

1064-69-0x00000000003A0000-0x00000000003DC000-memory.dmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ