General
-
Target
772-140-0x0000000000400000-0x000000000043C000-memory.dmp
-
Size
240KB
-
MD5
f40c59d440d4f53ad97f00f72ecb36d3
-
SHA1
8f04d6a0806ef469b65164d89e4568437907ffe6
-
SHA256
85292198e73d2ead00e9669c22e903de0e4a96d862f42dc429178a1016af5a7e
-
SHA512
4a3d3ee7535a6b3552f167a53b697b933bfd2cac4c42359a475f73101f112f46dfca6edab2c78f76bda46fe48c6e9822f85542998ecc5c76f9334b5488f5f5f4
-
SSDEEP
3072:zFtxOBccinVCya9GRoukaiOcmJa5UKF4ZJSUX5NRoOnVMM4k6QWJncAfQWFFh3zP:JTJngq2vUcCSKNRoOVk9LPhDwy
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot5970985875:AAGxcS7riy4ZlEmFj2Z031AsUoRvment2iI/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
772-140-0x0000000000400000-0x000000000043C000-memory.dmp
Headers
Sections