General
-
Target
1840-70-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
6cfb68c71f51905d7fe7edcac4e8cb7b
-
SHA1
dd5b97ac6f9eb5fc81207640496616664897656a
-
SHA256
16db44da95481679a6953c0f02a58a56c4166a3693cdb69e2718365399cff8ea
-
SHA512
c94807a71e5cfebcbc8faba47cf21a0810d6306e94ab27fcdedc783ef53cca8d64f7ee1d95feda11304d56e4b7df941d991ffe46c8d7a839a86aab020317b12e
-
SSDEEP
3072:tkZ3krYX/dqaCNUnc1sT14g3/olURgtknB2ITKUeCwJuW4M:tkZ3kqONlsTJ2Nw5TK0wi
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: ftp- Host:
ftp://ftp.wymascensores.com - Port:
21 - Username:
[email protected] - Password:
Fineboy777@!
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1840-70-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections