agenttesla | 1500-29-0x0000000000400000-0x0000000000442000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1500-29-0x0000000000400000-0x0000000000442000-memory.dmp
Size

264KB
MD5

2ba55ddae70e0dba241e91d9cf3f66ec
SHA1

80353125abbc7258d31a2b47226b1a26d5af4eec
SHA256

6a672d512bccbbd74f5bae4ea97b07c3617a04f59342c1c6b31563e65d40833c
SHA512

56dd355fb0bd1e6b54e7e701a99afa23ad0a81cdbd8c03937ec8d00ac8e0f7b12b1e23d97229c4d582663b0e764aa2c91c59814e7dc49af10f286b82ebc72d4c
SSDEEP

3072:b8+w5B5RZ+zecCZikb5P42s0zQ0CsMWq/5TDV3vlRT:b8+w5B5RZsxWl1AN0zQ0CsMRpVfl

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.scgpl.in
Port:
587
Username:
[email protected]
Password:
$Hetvishwa5271@djd
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1500-29-0x0000000000400000-0x0000000000442000-memory.dmp

Files

1500-29-0x0000000000400000-0x0000000000442000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ