General
-
Target
4080-42-0x0000000001130000-0x0000000001160000-memory.dmp
-
Size
192KB
-
MD5
5db5bd2245b997c66a902b5f93515bb2
-
SHA1
c211d6351db07aef5743bdec71969b0953d50aec
-
SHA256
5a344088c6dd81065acb9b7b7150089739f9a68804ec53057b4cb15859c13f8d
-
SHA512
c2bbfb23f1bbcfc57cf53c4ac45a3a0d538752e06ba8b6bff3b1f34b79b5591b47dc2253245306126cc7472502a533d772bd47a4f49f13fff520c6e242aa80e3
-
SSDEEP
3072:6D0M/CQutuGc/auv5zcqAZKjo7zpXTdhVtkXlAChSo5Mxl3l:6D0M/CQutumuvoF3zeJEo5Mx
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: ftp- Host:
ftp://ftp.mgcpakistan.com - Port:
21 - Username:
[email protected] - Password:
boygirl123456
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4080-42-0x0000000001130000-0x0000000001160000-memory.dmp
Headers
Sections