General

  • Target

    2564-12-0x0000000000400000-0x0000000000440000-memory.dmp

  • Size

    256KB

  • MD5

    5f74b80307eaae7e6fa3e06cfbe6c58c

  • SHA1

    973f141c155d7a80d15179b5b6710b12629b5a12

  • SHA256

    4f3c643da93f78bb8b0c305d417dede0761dfab47454cf6610d8546424d4e33b

  • SHA512

    8d911b2e1e00c4a9fbe256957cffdb67d2e0d7d58c349d5d413129da045b6c8ad3abe102af6869bc702be4d0af3507bc624f1600308143cfc6163e197988f269

  • SSDEEP

    3072:EbYCeMoUAMw0HXSI5rRWZmImxHGly5ugDD15:bCeMoUAMw0HXSIHWZmI2HGlCDx

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://eu-west-1.sftpcloud.io
  • Port:
    21
  • Username:
    dc2d3038d5c743319b4d84cc320c4fad
  • Password:
    xmFBI1ctaq8b1qv5SWZ3AOzpG1Yb6y2K

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2564-12-0x0000000000400000-0x0000000000440000-memory.dmp
    .exe windows:4 windows x86 arch:x86
