General

  • Target

    2452-1393-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    c0e1f0b395e36053f413dd5bd6fae1da

  • SHA1

    df0767724433614838407171c9e2ff9d291ca6cf

  • SHA256

    5ae16d853e067f02c68c18078b64b16f0628704fa454b993eefdd87d8f6dfb92

  • SHA512

    7accdd411d8e76f4ac42d67c3ad2d758651287136d7dfcb640c02ab04a76c78e62537bcae9302a73a731477df84a36d8db06b3ade73879d8d991a536b9a90efd

  • SSDEEP

    3072:+WvgVuQs0bkjKOh2KYivLi43r1orKh99/lbcnnnP3fS1qoe:+W4VuQsrhIk73s29/lbcnPvS1

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://files.000webhost.com
  • Port:
    21
  • Username:
    tain00
  • Password:
    computer@2020

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2452-1393-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86 arch:x86

