agenttesla | 2480-11-0x0000000000090000-0x00000000000D2000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2480-11-0x0000000000090000-0x00000000000D2000-memory.dmp
Size

264KB
MD5

13cb69f1ddf7c4d2cdbb8f0965d80412
SHA1

111bc0701e3e64cd6eefb06a69c8a611af023163
SHA256

b0069804bc4b9f6fad1372c4dc46a1d93e45c0b2022162b0914d6b25c77cfe5c
SHA512

ff49b497dea43eacb9427ed07a12cf3c6dbfa2020247784ec329a17138d395be6b0326363698abb4c67a724c13c5970767606131e36e2081c86b4aea420b66ef
SSDEEP

3072:Mj99Xnv/X4teDzG6Z1mT6Mk5JAewlU530jvIF5+:W99Xnv/XueDNi69HAnlvjA

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
terminal4.veeblehosting.com
Port:
587
Username:
[email protected]
Password:
Ifeanyi1987@
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2480-11-0x0000000000090000-0x00000000000D2000-memory.dmp

Files

2480-11-0x0000000000090000-0x00000000000D2000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ