agenttesla | 2124-11-0x0000000000400000-0x0000000000442000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2124-11-0x0000000000400000-0x0000000000442000-memory.dmp
Size

264KB
MD5

084d54638ef612a6acafab9ea43a664f
SHA1

146ee7c9f48636d02726f861216a12a948bfd3b3
SHA256

a68215e81df0b4d99c8a001f2310c4798d5d78ad189aed5b7876688c38955140
SHA512

36879f7d94650c085fc38437b365df94be7d4500a88d3833ea8db0b3f26e85ce1d2b16b21fb88ee21d51ede09e002e794d0c09a0efb70107bbf2e1f637a59d4f
SSDEEP

3072:fuJN0wAxf3f3/5W013VovLSaUKh1iwcwr65dtqA9cA3p:2JN0zf3f3/5W013V2+anhAwcwrQqi

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
s30.securelayernetwork.com
Port:
587
Username:
[email protected]
Password:
%lmb-a,[(1ty
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2124-11-0x0000000000400000-0x0000000000442000-memory.dmp

Files

2124-11-0x0000000000400000-0x0000000000442000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ