agenttesla | 2756-56-0x000000006EDC0000-0x000000006FE22000-memory[.]dmp | Triage

Sharing

General

Target

2756-56-0x000000006EDC0000-0x000000006FE22000-memory.dmp
Size

16.4MB
MD5

94c5c57714eb898602f94d43ae410f97
SHA1

8882085ad1e8ca03942b67098b37ed056b0b52fb
SHA256

c74180194e117c2d8333115a9a840c531b44ac5c10486282fcf329edbd27257f
SHA512

4a605a663c8409658cf7f84197cc20c9d9012a07ffd9dae071537d0a0b6b5f8071398124d4c72b9fff26f5bb3598a0a6660d0cac02da1d72796fdc4bc6cb420d
SSDEEP

3072:+tQiW5tfHX/PhgysIbOwnO/S9prLQHEJ7r:+CL5J3/PhgubhoWpnP5

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.1and1.es
Port:
587
Username:
[email protected]
Password:
Adam2312Ritaj0810
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2756-56-0x000000006EDC0000-0x000000006FE22000-memory.dmp

Files

2756-56-0x000000006EDC0000-0x000000006FE22000-memory.dmp
.exe windows:4 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ