agenttesla | 2604-21-0x0000000000400000-0x0000000000442000-memory[.]dmp | Triage

Sharing

General

Target

2604-21-0x0000000000400000-0x0000000000442000-memory.dmp
Size

264KB
MD5

ad8703fa16f4845cbaba78f1d4ed875c
SHA1

681ee628fddbbcbb42e8862ad89a8eca23feff7c
SHA256

a27c5364ab0c504da91fbf2a44ebf80c3051593decc67f5a3ff6954e5672a7e8
SHA512

2c61ac8c715baeb93b91f9d621bc103639c3f85096be3cdc36ceaf1849b78332e88f2b89f9af730516132d721d2a1c02c7af9e815a211735ae2cd93d8691af8b
SSDEEP

1536:2XxrQZlx1Jq58Ls4T8Cyhbeu/UCK0wHXG7tXlOiGoB0fg15g493oX6ZGRv7iPS:akZlx1Jk4s4ICqbeXywy0fg15h26ZG

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
laingenieros.com
Port:
587
Username:
[email protected]
Password:
Uxrfk!94
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2604-21-0x0000000000400000-0x0000000000442000-memory.dmp

Files

2604-21-0x0000000000400000-0x0000000000442000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ