agenttesla | 2304-10-0x0000000000400000-0x0000000000442000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2304-10-0x0000000000400000-0x0000000000442000-memory.dmp
Size

264KB
MD5

60b5378228c28e938f52c314b88e1c71
SHA1

640b13a169dc277cc584da3b9fa536555437457c
SHA256

529b30f5cbcc897a18a7116f310baeac3cc6a2a6c2acda603187bdc2490dc6a8
SHA512

1c2db59eda70ba819e13bbd243356615b56a2003dd0db576c6bdee150e0367615bcfbbb2e16b46e7e8d4823ec5d98c3ee6852b172c13ea5c13f9b1cc1eeb549f
SSDEEP

3072:OcTjuQwckY8T0kIGW7R/12jIJVBibgcjpPIc4uN7514E/0cR:OykY84kAV/12aniTNPIc40gE8

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
[email protected]
Password:
^NpBYBQ0
Email To:
[email protected]

Signatures

Agenttesla family
agenttesla

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2304-10-0x0000000000400000-0x0000000000442000-memory.dmp

Files

2304-10-0x0000000000400000-0x0000000000442000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ