agenttesla | 2516-1100-0x0000000000400000-0x0000000000442000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2516-1100-0x0000000000400000-0x0000000000442000-memory.dmp
Size

264KB
MD5

928208f29f03593d1080c36cf4cbb576
SHA1

3ac51032327a3f4f7038e0ff8c5696d6fe76f274
SHA256

01e52c144d6c2459847bb5831411ca1451c9c1049497af8278e09f28021d97a6
SHA512

848a02b8bb8c1abf78e1d2b57a164decdfc85806a96df42b3729bffac4d2bb9b6abc67e28b12f8225fbbe5a75186d8087888debd6992aabdd49919f2bbeb4769
SSDEEP

3072:VdAqALCei6GYdq1+PgBDJN4TbIl6e6BVcopJuOJ7:VdnADi6ddqUPgBQbImV1+OJ

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
gator3220.hostgator.com
Port:
587
Username:
[email protected]
Password:
ZCgD#w!TZ505!!@@
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2516-1100-0x0000000000400000-0x0000000000442000-memory.dmp

Files

2516-1100-0x0000000000400000-0x0000000000442000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ