General
-
Target
820-70-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
61e7c998dbb8a424d6b78fa23c565e62
-
SHA1
034470c01237df94eb103d1c026c70df7768b3c6
-
SHA256
99ead6269b3f080cde65a14a11bf519068d5ccfa024abc7a85fe37589c342bf5
-
SHA512
bc65bd151b0d3592796258bebdd264301fee9e79376eef07927aa53f88f4a08344703e96b4488cb1fb7ca3180aa1de946f74304ba27816316b094a42a11ab122
-
SSDEEP
3072:sWvgVuQs0bkjKOh2KYivLi43r1orKh99/lbcnnnP3fS1qo:sW4VuQsrhIk73s29/lbcnPvS1
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: ftp- Host:
ftp://files.000webhost.com - Port:
21 - Username:
tain00 - Password:
computer@2020
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
820-70-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections