agenttesla | 2852-13-0x0000000000400000-0x0000000000442000-memory[.]dmp | Triage

Sharing

General

Target

2852-13-0x0000000000400000-0x0000000000442000-memory.dmp
Size

264KB
MD5

0477ea56a5903ff0d86e36f30b39d03d
SHA1

4d95840a2941940f287ad1de564c55e595e4cc8e
SHA256

74b4bffb40dddd59c7dc4b9a7507f1d933b252e50bc4478453d43c8a4b93de16
SHA512

f4a44cf5b0a31eda35b6c6c7b8ef9fceac03fa08dc473b67ce23c7424a092239725ebb0b1f5bad5a2fc02ad7b3459e6cfb2c4142566eb20951aa49f097f1e399
SSDEEP

3072:kINhRu3Lb7U8T1JzEaelCEuamz/ReasarDZYUEi9TL:94I8T1JzEae43amz/RNJrDZYUEw

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.scorpionlogistics.qa
Port:
587
Username:
[email protected]
Password:
M30009637
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2852-13-0x0000000000400000-0x0000000000442000-memory.dmp

Files

2852-13-0x0000000000400000-0x0000000000442000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ