agenttesla | 4076-135-0x0000000000400000-0x0000000000430000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

4076-135-0...ry.exe

windows7-x64

4076-135-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4076-135-0x0000000000400000-0x0000000000430000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

4076-135-0x0000000000400000-0x0000000000430000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

4076-135-0x0000000000400000-0x0000000000430000-memory.dmp
Size

192KB
MD5

c20e72d088d1e2d75bb49916a1eecff1
SHA1

f932cc6ea0aa5ae2c68618330207574e30b3bdf7
SHA256

be27fd347b70ff2466c59821b94a4ab493fa4d5f017eac20b78ad260e7e85a7d
SHA512

498043900e870d3bd5101e4fecb2e13064fbcd4b4dbb6a4e50f23ea76a4b6eafdc19b7e52afeebb686edbd7fba82bc3ef14f4a93124ac2e60c9c7b24aeb23fac
SSDEEP

3072:Sj6Xd1hgGYi1sNiXJxge1bUqkxFyM5UKZ3/772TR:JDg2sNi5yaKxFyqp76T

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.strictfacilityservices.com
Port:
587
Username:
[email protected]
Password:
SFS!@#321
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Files

4076-135-0x0000000000400000-0x0000000000430000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy