General
-
Target
2792-140-0x0000000000400000-0x000000000043C000-memory.dmp
-
Size
240KB
-
MD5
c69ad1fe5bdb3557a28b0408a9ef7e17
-
SHA1
fb802c32b8c64de278a5daa64e9478736ef35ab2
-
SHA256
f56a304f02ae3dac299e7400eecfc2568d9bc0ca2cf0612d4de78d3de85a0735
-
SHA512
dcc8c5447ef8c04e7470b978953495e3f40248e4afba5e16edeb314c712d493d4d1219e03c4411e6479c3eb934c175323b507019bca711033c94d252623f56c5
-
SSDEEP
3072:xGVrVtjlopA8k8kGnRmc4UhUa794PJNp3yvzuOioNlBiJZV9XWsUm2KgMM3n9xGL:xfznLTUIwJ/ivznH+9G2LM37TU
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot1611551445:AAFDJ3yQMlB3zXJGib2_TFkq1jedBMj3GTw/sendDocument
Signatures
-
AgentTesla payload 1 IoCs
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2792-140-0x0000000000400000-0x000000000043C000-memory.dmp
Headers
Sections