General
-
Target
1908-956-0x0000000000400000-0x0000000000442000-memory.dmp
-
Size
264KB
-
MD5
b43f79b87895836cc180546b38af7634
-
SHA1
53933fcdc5ca398f0ad9773360805e141917ff39
-
SHA256
c565e952fb98ea58c2c08c9c5d8b447de0941c8e745983bd7aa1dc73c9c06919
-
SHA512
5c65c40f1e907c816496c345ace8e7fa4745a068450c38781107af477dd1825719f77a0591c40731db9f7830d3a02388632eec9f9573edadd599f8a228afaa3e
-
SSDEEP
3072:sJE48YCpyiCW/qDs6i8aE2eScX56sOVPO1:CE48YEyiCW/qDhZ2Rc9OB
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: smtp- Host:
mail.amtechprinting.com - Port:
587 - Username:
[email protected] - Password:
VT(*FI[(l&d0 - Email To:
[email protected]
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1908-956-0x0000000000400000-0x0000000000442000-memory.dmp
Headers
Sections