agenttesla | 2388-109-0x00000000004B0000-0x0000000001512000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2388-109-0x00000000004B0000-0x0000000001512000-memory.dmp
Size

16.4MB
MD5

4a0ade7adfa8c365941c1319a2de9e86
SHA1

eeeb3128c1c09dafbe90bd56cbdf08e7ee9c619e
SHA256

9a610d28a552dbcc2c6d3aba581a84ca7591b0359410cb0025535fbb2cd87865
SHA512

206d0a5852a81e38ab00887092fd71633687d24eb3bfa508c3194c1ef99b92ee908f6c21b4f008e47ee351e2f46986aad66ca6f70a8ad91dceae6c892fdd6cab
SSDEEP

3072:rLsbbRxRxx5I47SSLWD4icvtsRr75IuHyXpy:rL0RxRxx5H7SSLWrcVarRHIp

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.homizz.es
Port:
587
Username:
[email protected]
Password:
Ruiz3,14
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2388-109-0x00000000004B0000-0x0000000001512000-memory.dmp

Files

2388-109-0x00000000004B0000-0x0000000001512000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ