Overview

overview

10

Static

static

10

1292-56-0x...ry.exe

windows7-x64

1292-56-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1292-56-0x0000000000400000-0x0000000000494000-memory.dmp

  • Size

    592KB

  • MD5

    c37d23fe26d27ef16ae920dc49782d3b

  • SHA1

    3b9a3762be2c16870a6d3f6e916f61460faefe7b

  • SHA256

    1aa3c783f54c659efca690f8e4753acc66234bc5f15ddea9608bfbc48f74bf99

  • SHA512

    c0be218005278c93e295edd0cba0b8c36401d106b678bf44222952f11199f7c02fc3da1243ceb0a5efd2fe16f258c5f34ebc97317ea4e124d66bbeb7684b98a7

  • SSDEEP

    6144:9g4hdy2a8ZxU/9S2UL+6rbaHDyw4+dFP:9g4ryX8ZKsaHTh

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.valvulasthermovalve.cl/
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    LILKOOLL14!!

Signatures

Files

  • 1292-56-0x0000000000400000-0x0000000000494000-memory.dmp
    .exe windows x86


    Headers

    Sections