Overview

overview

10

Static

static

10

1628-67-0x...ry.exe

windows7-x64

1628-67-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1628-67-0x0000000000400000-0x000000000044C000-memory.dmp

  • Size

    304KB

  • MD5

    b26149ba1f51846893a883391c2e96fd

  • SHA1

    f1991fd16a2f0900e0dcf0092413f1eca8eb5c0e

  • SHA256

    f9cfd4ca5775cdf48eaf3894073af57c6928696cee2c21c495979ee2feaef4a2

  • SHA512

    b79eed489fd4bd3cf78b01e89811e7f253aea9a6bd46de656d716d427dde66e48a0d72183a324073eb7d3bcb4d0d54b1ef786b77c0a516fa7dcb77393b6c5796

  • SSDEEP

    6144:FZD85XG/2c0KkFzRv+11+F+yXgAa3xwomgbs:FZQcOLE09hg

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.symmdentaesthetics.com/
  • Port:
    21
  • Username:
    [email protected]/
  • Password:
    smartooo@12

  • Protocol:     ftp
  • Host:
    ftp://ftp.symmdentaesthetics.com/
  • Port:
    21
  • Username:
    [email protected]/
  • Password:
    smartooo@12

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
    agenttesla

Files

  • 1628-67-0x0000000000400000-0x000000000044C000-memory.dmp
    .exe windows x86


    Headers

    Sections