General

  • Target

    564-59-0x0000000000090000-0x00000000000CC000-memory.dmp

  • Size

    240KB

  • MD5

    af57381665fe48d4f1a3f277b1aed049

  • SHA1

    0acec5429e9cc982c9afeecc54053c8696d3a75a

  • SHA256

    32cc9743eb16cf71f955ea1c307a599bedc3fc0709e170a84667524555a522ac

  • SHA512

    5f29d3a1b16834a9f421f9ee09e09c45269b1831130e42f2f7afee03f9256403c972c3bc4fbe5d85bb79008735daa09053b9c3eee45f03dcad9153bff65c9c2e

  • SSDEEP

    6144:nouAjK7sHU+Afyds2kQMwZvXlvRfcSKp5:nrA27sLAfXHwZvV5fDO

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.boydsteamships.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    co*tNjEBt4

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 564-59-0x0000000000090000-0x00000000000CC000-memory.dmp
    .exe windows x86

