agenttesla | 2212-163-0x0000000000400000-0x0000000000430000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2212-163-0x0000000000400000-0x0000000000430000-memory.dmp
Size

192KB
MD5

675f5dd3cafd5b9c7a9b73531f5e5ef8
SHA1

040dab5e1c32d177fb9e1ccad1a2d0cdbd60bb12
SHA256

568f6a8e9975a9063469b0c97300f3a9baf4a79c334212833e6fbd21923510b1
SHA512

27ad8eb7d9d68683ca1afcc963748f348f358650a4e6ba57936202d6b48f57555236b32b6ccab4eb2e15711f6d4b67bdd8832d52a380c010d0327284a228f770
SSDEEP

3072:eUUq36n0LDJl/x/S09TYM3x5I3eCTocQ6mXs9pc:d/hfJl009TYM3ERT5Gs

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.sculeprofi.ro
Port:
587
Username:
[email protected]
Password:
Scule2021!!!
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2212-163-0x0000000000400000-0x0000000000430000-memory.dmp

Files

2212-163-0x0000000000400000-0x0000000000430000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ