General

  • Target

    1916-80-0x0000000000400000-0x000000000043C000-memory.dmp

  • Size

    240KB

  • MD5

    bb622b62b9f37730ffdd3cf3340345ca

  • SHA1

    9a9b8814b500e1fc35d7ba1d3a4395b5890bed4d

  • SHA256

    90112f2f587affbea612d31f7642da98e7cbf62378d6905d188bd3907331ca35

  • SHA512

    9b979d0b0fae075e69ef263fed3f1fe5b79bc5b22431998fb8ac7c3ed0270d0466ae6c822271f90338a9382f543cf9d9951c8cca841bad442cf41dfc61ccb2a2

  • SSDEEP

    3072:O4B1JSUPCN/inAZpibsMqUu6jWUcGMRGv/Gs0vutyoNZeDfr6wx/hGH:O6dCLiwMcUHMIv2utyoNUTOwphG

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    Hunter22

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1916-80-0x0000000000400000-0x000000000043C000-memory.dmp
    .exe windows x86

