agenttesla | 1964-67-0x000000006F280000-0x00000000702E2000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1964-67-0x000000006F280000-0x00000000702E2000-memory.dmp
Size

16.4MB
MD5

0e5689b4b4309364f00a241eab541f48
SHA1

da2a89047ad5c57d3560245193abb3dfe4501d57
SHA256

b6fbe924ea0927eecbe85d4fcacab9822892adf4e19f59d2c389a1fda8c11f84
SHA512

390ed3ce54b2b42c61fb83ba39638d301e79f30c1050ea7690999deeb477914b6014741b6eaae1d6a405420d4795b4f2969d798dbcb3de8e34ddac7d7740aadc
SSDEEP

3072:enM8giYMwM4qX4mWneWJSdteNGj95HLk/oc8:enMFiYMwM4qX4XnXxYjzkwc

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.inkomech.com
Port:
587
Username:
[email protected]
Password:
Amir@2021
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1964-67-0x000000006F280000-0x00000000702E2000-memory.dmp

Files

1964-67-0x000000006F280000-0x00000000702E2000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ