agenttesla | 292-84-0x0000000000400000-0x0000000000615000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

292-84-0x0...ry.exe

windows7-x64

292-84-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

292-84-0x0000000000400000-0x0000000000615000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

292-84-0x0000000000400000-0x0000000000615000-memory.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

292-84-0x0000000000400000-0x0000000000615000-memory.dmp
Size

2.1MB
MD5

c0e55348c2244c968699f22a8e1d3c3e
SHA1

64f505e37cc5e3fcf05bb7a459a556e0e61d3fd7
SHA256

1829c48f022687407eed1ef6245200075315d1035adb89e40e5141a9aac920eb
SHA512

aa2406a3b3cb4aabe6504904affd26c3d6241f25eb858a33a14854804007bea0dc41bb925ab21c66d1618cf827bfb4f1fa649f5ee235af7122d78a411d11d133
SSDEEP

3072:nnHn3ck5FCy1cKCATm6NoBG5oLz6/358M3kZXa6O:N5HvVXJ5C88cUq6

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.heladospalacio.com
Port:
587
Username:
[email protected]
Password:
Drs4x0!6
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Files

292-84-0x0000000000400000-0x0000000000615000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy