General
-
Target
2964-31-0x0000000000400000-0x0000000000442000-memory.dmp
-
Size
264KB
-
MD5
34a41126915209987da862892c3d9526
-
SHA1
c7db7ad99eac8c11ddc1a511125acd3194ced61c
-
SHA256
5b3116ad26d590814c54b7784ef88e01ff190e67ab5538654772ae34b492654d
-
SHA512
0c8dd42d3a089f9d7e3f0a7a2571e7718fb039ad767b8720f77a7cd3f1ef3ff466f8cea37e6752faa23cf1832980fe85d55c57ca0856b0b7549e6e7857b2b80e
-
SSDEEP
3072:ofucCwxx9GRtB1R3UT4PqDVcksL2p9kJP95AuoHNouFNfm/Em25Pvu7NBQ:uwyxIRtB1R3UoMVGJLr0NfhmYux
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: ftp- Host:
ftp://ftp.haliza.com.my - Port:
21 - Username:
[email protected] - Password:
JesusChrist007$
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2964-31-0x0000000000400000-0x0000000000442000-memory.dmp
Headers
Sections