General
-
Target
4516-149-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
4ed0d467ad8cc212a106012db36df104
-
SHA1
d64eee14709e24f3c79eb1498e5a7578e5f9b5da
-
SHA256
86ae0afe0d066511dd738c38c6c0673322bb23ce493e71701077b1dd9dd5caf1
-
SHA512
e2218ef08aa1d750e8ef303320a96edb964d51bcffd160974720a5c48dd451b6430d0aac1720e7cd5d8e12ff3759a19ab5a6eafab7db242024a2fe0d549bce89
-
SSDEEP
3072:Y1oZjbAK2s9WtCUd9q4/RSwjC1ycuUYFg+zAAW5OJw:yoZvCmq1Tq45OycuIGWM
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: smtp- Host:
valerehandstand.com - Port:
587 - Username:
[email protected] - Password:
?z&YA$&W(LN? - Email To:
[email protected]
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4516-149-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections