General

  • Target

    3668-138-0x0000000000400000-0x000000000043C000-memory.dmp

  • Size

    240KB

  • MD5

    39d8da0e0b49b884bfb5048aa22cda96

  • SHA1

    ec0f16bb1cf94ae21f3f8e3dc4ce90cafb6cff52

  • SHA256

    e1d213c71e9204244ee66f5a1f4280a0c60033506e2cbdb44273200fa1320895

  • SHA512

    fac9d0cde5b06686ec8ec3172812e730e5d36aadd314e74aa7240002f3b9417e064a90877d7b2d728d6787ceced75c24b3da6d43e52d103a65b404719330449b

  • SSDEEP

    6144:gUpcgUTg+bpjUk95/i3K/6x2QE53yrQw1:1cgl0pd68S1

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.peva.it
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    Team2318!@#

Signatures

Files

  • 3668-138-0x0000000000400000-0x000000000043C000-memory.dmp
    .exe windows x86


    Headers

    Sections