General
-
Target
1996-34-0x0000000000400000-0x0000000000442000-memory.dmp
-
Size
264KB
-
MD5
266648bbe522311c2048624b709f5c46
-
SHA1
3b44f198bbddca7788e2cb423a0f20fc2e17df15
-
SHA256
9a8552d4b6ba58f435f291b114f315e82c94f640e2d4de374f8720326e60932d
-
SHA512
5a67c06ac0111e0629966514dd4e3d885a888d73b9043f4ffbb9344f96530ed1c469ded83f182a80a9ba6cb0978b606db47db992908e9c9d4b6979c2e7ee3aa3
-
SSDEEP
1536:IybBvGxbuRkuDw4Ij3S7pJyv8JF5VFmEQYd3ocp6fWmoNIN/TiSC/ltJkJWyxMJr:uyw4IjwsCVLQYdx6TT/TiSC6TMJs+pj
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: ftp- Host:
ftp://valvulasthermovalve.cl - Port:
21 - Username:
[email protected] - Password:
LILKOOLL14!!
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1996-34-0x0000000000400000-0x0000000000442000-memory.dmp
Headers
Sections