agenttesla | 1760-70-0x0000000000400000-0x0000000000441000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1760-70-0x0000000000400000-0x0000000000441000-memory.dmp
Size

260KB
MD5

8fd7c1b5d712e85a5cffb0f66681ca16
SHA1

cd26b5d928ec2193060cd29f3df209c4b622cb8f
SHA256

0d996ea22877f8dfb5c3a27ef8ce96fb063e7b6a64e79d6068ba88f1d5754b1a
SHA512

acb212b2cfb583031057c4032b60e8285ac388f96eb4c44e3ce54d68b3fb619d3b814bb4b4b1bf635e721f87bdb44609b7f9015338ab79926877269645febcb4
SSDEEP

3072:XqqaM97eOTPiK3DruiiF/XbKjP818l+DA9xPqGUroHxkAkcLKdG4j66SWGTPnDbV:aCteODDmzK5+axi0HxLLh4UWGTvDJYd

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

1760-70-0x0000000000400000-0x0000000000441000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ