agenttesla | 1112-10593-0x0000000000400000-0x0000000000444000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1112-10593-0x0000000000400000-0x0000000000444000-memory.dmp
Size

272KB
MD5

ed36c5177be9ef9d29ee9da7e8607c28
SHA1

738471c6a1a3bc0e875b7c54af1822e699dbf571
SHA256

40e9459bde3c54e3f4fe7e464fd206b38a28c4cabe179a052879977eaf1813ff
SHA512

25a8e23b60309c71de4c06eaf2090a4f87aa5d19ae5c52905ca5bb5899af40410b738168e53ebd4f0da63852fd77b706dd2e8d7f3b52c9cfad83a9b1e7b175d5
SSDEEP

6144:+BT/4fQFzW/+p4WFu5QRiBlsU+uRXuNjk7qqyzp9GFE94I77t1gCpX7mxDpdv0p5:sT/jL47TRy

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
evantelamin.top
Port:
587
Username:
[email protected]
Password:
X?)AzNk7,R~X
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1112-10593-0x0000000000400000-0x0000000000444000-memory.dmp

Files

1112-10593-0x0000000000400000-0x0000000000444000-memory.dmp
.exe windows:4 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ