agenttesla | 1660-69-0x0000000000400000-0x0000000000442000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1660-69-0x0000000000400000-0x0000000000442000-memory.dmp
Size

264KB
MD5

131b24c860d475b8d75f5bc5a9c712d0
SHA1

773c3a4736b263e40f43975caad17092c98b6432
SHA256

d1afe3a5f543c35e8fc6ac04eb4a8a61e9800b21e82c042723019986a7986df7
SHA512

2358879f712537ea43aa2d4f777d57c77f8f0d4728cccfc16689f88451b72fefd326671e7ccb38ba1ef976c9bc41484fe5b17b0efea7f1f2672727b78c90ed57
SSDEEP

3072:ZGybM97hOQ/iK2jrOyipV/XbKjvd18lDs46cMsE+JDdjIREZeGGNTW9HGM8AWuX2:sDthOzj8VzKmDB6cM4pmKv18RYyuw0V

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Files

1660-69-0x0000000000400000-0x0000000000442000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ