General
-
Target
432-63-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
59f7d750acd814885467fe9ecb8ee5ac
-
SHA1
4903e3de36d00cdc6f6a00431a1240fbb27dd6ce
-
SHA256
16ef37aa240315c023e85407dee7144cb8419bf236c337b37b715f14e56b6a00
-
SHA512
9f5b93412aaf4f6e0c37d6ac848ff1391039c2bfe3bb286bc026d21f67e9c9852513bd93694190c0b3468094b1bb5e1d198880ed35bbcd0a136e46fb790f5288
-
SSDEEP
3072:qOEh7xgFtuukVi+l4jp5d3P/Lx+FvDyY7qab7HzU2tcB90JnvM2:qOEh7xgFtuNIO6p5Rj4vtmAM22B0nv
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: ftp- Host:
ftp://valvulasthermovalve.cl - Port:
21 - Username:
[email protected] - Password:
LILKOOLL14!!
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
432-63-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections