agenttesla | 4460-37-0x00000000074F0000-0x0000000007532000-memory[.]dmp | Triage

Sharing

General

Target

4460-37-0x00000000074F0000-0x0000000007532000-memory.dmp
Size

264KB
MD5

0c5a7317d16077eb85c684dc0199b018
SHA1

86c80db7a384c74f1440e835e89a73dd27cf6982
SHA256

a46f8a3496fb294eee5f2d49d8fcc0dce5a231bedacb1b62e7e84eb46d4b42d2
SHA512

0712b8f6a6d3aaa7f0d8e8029a53b536ceb781b9a6e99a17162b32c63a484d24ae1bd02742feabac392a2e1a5202b036676ec2558c25bf68bf5d8b8867407d49
SSDEEP

3072:ooWYE48YC2kMqeU9221mI5p8ncTg5QJOHBeKMk5:oFYE48Y7kyKFms8ncTIHBed

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.cyber.net.pk
Port:
587
Username:
[email protected]
Password:
Zain2357@
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4460-37-0x00000000074F0000-0x0000000007532000-memory.dmp

Files

4460-37-0x00000000074F0000-0x0000000007532000-memory.dmp
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ