agenttesla | 03840999[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03840999.dmp
Size

192KB
MD5

76dd8c09c4f8319c0df8ae4dd86ef153
SHA1

10798f4a7aeaf2bd02f9d8ae27eb0134a5674b06
SHA256

536e97338f33690b430bb048f749c392b50f355df060aab660022d53f5ed07ed
SHA512

732ae8024b7a310f7a4a5a6af7d2c5673539aa8edbf389468b9a6385cb08b2f2c1bbe6d8d2a1b10aff2a3bdbe6aa02d07a92c80ea98db55cfdbc85ed39c127c9
SSDEEP

3072:9YdmuJoKTXX+gRH5aEIVF7h50sopuWDNYz84IxwXag2+:9YyKTHDR5aB0ssNYz/agN

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03840999.dmp

Files

03840999.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ