General

  • Target

    2604-35-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    b300684a596179119e15a53a80058812

  • SHA1

    d8bf083c9d95151e78a40bda882b59683d530cdb

  • SHA256

    9f21aef994aaa0dd430564d19a1b6613342e5337301cbde5e33be3ba5ece9179

  • SHA512

    78813290c7157e3d8f6799907ffe05eb6179a2f3920de93fa189973237dfa84e27278fe6100bf0295910e648019562d7cffda498804886ca7565c7c799ee8b81

  • SSDEEP

    3072:cBqJpkkpdxdZlZF++pJRfeLaTgWDWHbX2Kcwt5NHJKQ6IUx8:EkpdxdZlZF++pqJbX2oNJs

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.kenvue.cam
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    adreport12345

Signatures

  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2604-35-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86

