agenttesla | 2284-9-0x0000000000080000-0x00000000000C2000-memory[.]dmp | Triage

Sharing

General

Target

2284-9-0x0000000000080000-0x00000000000C2000-memory.dmp
Size

264KB
MD5

f16f47ab589436d74d9e358817a101f4
SHA1

498d190bfdd6779f271cc9d0c75ef2533ac366d3
SHA256

78d02c8580d2af20e2a50ec130ba80e1abd44ae20f698bef6362b9f44ce8c996
SHA512

334e5fe4b7e3c80840c96a9e6542dd4a5109ef9abd61a083b1a9533915dda10db16f2cd9e24a7cc6e419b7b09447b599ebb1130041c1c70f1c19f6e37632b191
SSDEEP

3072:44rT5B5D7/ihQr5bpXvq0GM0QhQ5pN8UOGOf1:44rT5B5D7ahOTS0GM0QhyXOl

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
webmail.interfoodltd.com
Port:
587
Username:
[email protected]
Password:
Abdulnasser@1956
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2284-9-0x0000000000080000-0x00000000000C2000-memory.dmp

Files

2284-9-0x0000000000080000-0x00000000000C2000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ