Overview

overview

10

Static

static

10

4468-144-0...ry.exe

windows7-x64

4468-144-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4468-144-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    af936842a6333551142488fe68d4de74

  • SHA1

    2f3318aa861ce30d1a5f66d02be855a947ccea7f

  • SHA256

    ab7ad64eabe2338111b8e8d2622aaef47ad2a0e71e00c4fb05fa030278636da9

  • SHA512

    0aef9f5e8c602054621bbe90869dc844c582dbabf669bbeb6bba706f25b2b7984e7cf7a7f5af2931e9aec079e7868f4358cda082f0aff7580efaff5f94f6be77

  • SSDEEP

    3072:eFBKr15gcUKLpiyaM180PP1Xpzv+dclotCkhfgCY2bnkPsT+Sz1+qGzRlX/:eFBpKLpzdLRl2dcdjCY2ysTb1OXX

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5515611206:AAEcQSX8hXHOAxSYr8KUdLxGF5eqw4FRXoA/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4468-144-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections