General
-
Target
2828-66-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
e66bfbd9194e291b9d75d948672c0bd1
-
SHA1
523b2fb2875674482c3560034a1144bd91af2143
-
SHA256
668fc6af8f9dc78aac118f8f4b6a29412a7aecf1879358277d23772aecc4e55a
-
SHA512
b68582f0f8b87629f022a33f80e3047f425e89c30f50769c1357b5eac516166d4b597a28f638bab0b4b9d31de396fed4412d0ae7651f16bfc92b4619b61fa1f2
-
SSDEEP
3072:+4E3bdaCLHtXI99rQBlB9Wz5cW8rTddeWSd1D15oMMTnBlj:+4E3bdaQHt4vQR9WVsJsXD9inB
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: ftp- Host:
ftp://ftp.yamanlartekstil.com - Port:
21 - Username:
pyamanUi - Password:
yam79Ffg
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2828-66-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections