agenttesla | 2792-30-0x0000000000400000-0x0000000000453000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2792-30-0x0000000000400000-0x0000000000453000-memory.dmp
Size

332KB
MD5

f9e0e6c0c692745b21376090e7657a24
SHA1

6dc3a3429a1fe70a820e03597b575a9ea0c70364
SHA256

9b2f8f5a53913ac2870afba2af78e135e81e45f02d79f4922b76a3cae98bf8d1
SHA512

07c3cbdc5a0507530087fb133129ce4f60b96cec5ec2afb556765d19530cadc36bf116dda64022703f4b8f88cf578f265679785b91ddaa5bc0efa9212c3098e3
SSDEEP

6144:tSt0dHgZzK0Jg1Zlx1iaPWO5bUg/z5IEazhf4lsqjnX:tO0Wo1Zlx1iaPWO5bbrDqlSnX

Score

10^/10

agenttesla

Malware Config

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2792-30-0x0000000000400000-0x0000000000453000-memory.dmp

Files

2792-30-0x0000000000400000-0x0000000000453000-memory.dmp
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ