agenttesla | 2312-109-0x0000000000400000-0x0000000000442000-memory[.]dmp | Triage

Sharing

General

Target

2312-109-0x0000000000400000-0x0000000000442000-memory.dmp
Size

264KB
MD5

bb2ab06f8523bff472343605ac7b8497
SHA1

17695334b25d558016f6adf86f47549ec933bfd0
SHA256

e10ff771ec569ce6239f02bbe62ed7f0022075218e2586fa3e6a6bf5cb4ef3d2
SHA512

bde23804581fe2bf21ab9661f667c1d0cf936313ac4c641aec634e4c2ac2688814b7f28a7cebd1f713ed4d4667c0a4802dfe466a8c7623ac5a8d7bd46c881c29
SSDEEP

3072:FbLuyGC+YGryJJAJL4bWEMuIYsSQoFMSB6B5OMp1BV:FbLuyGC+YGryJKL4bWEpI5omSB6rpF

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.abi0expertise.com
Port:
587
Username:
[email protected]
Password:
Najwa1949!
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2312-109-0x0000000000400000-0x0000000000442000-memory.dmp

Files

2312-109-0x0000000000400000-0x0000000000442000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ