General
-
Target
1628-60-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
c3ca05874a7a5711c6b3f4fcaf21de5e
-
SHA1
2da0f5c854e440a999e4e17e0c3a6363803cd5f1
-
SHA256
70ecf05fb18304798d4fe38da3d76291aea56ebd7eaf1f2626e556af52fbe53c
-
SHA512
f7237d6d6c0b86aa9c7713eb07984b8b62bdb6d6848212aa5124a958081cea1678b8f948da99f8a9ffbb0b14f0b5feadec58cdf68396038b457eac272ca10e7a
-
SSDEEP
3072:uYQ7aqepkGcCU6NcQWVILnVrbEQXgf0s2ZpNBXvnJgBXlwC+DTZ83JDAmuZJzXgc:utuVNi2Hvnag6AmkdXg
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: ftp- Host:
ftp://195.58.39.94 - Port:
21 - Username:
[email protected] - Password:
product-secured##
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1628-60-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections