Overview

overview

10

Static

static

10

1488-69-0x...ry.exe

windows7-x64

1488-69-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1488-69-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    8d7727b47f49cf75d6d3218a0a1c569d

  • SHA1

    fcb92460ba804148cc6dfb3a79f5dc7932137af6

  • SHA256

    bd71bfd0549d27beaf2350672d1d97fa694626a523bc088842607a2b95b63a8c

  • SHA512

    4ea52a32c4b98d3f334ae5ff73b1614666a9635547d87ab8765e86cd9673913a7b1b7fc316443af073ffee6fcdf95b6dad519a2085bdb07002b5ce1a9bd2604c

  • SSDEEP

    3072:oSFuUe5zs60DhgNV6Uz20hTkgVRcwpsuo7QStz:zuUXnDCYruo7HN

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6198912739:AAFWwPOzcAOeh_bttxtGKKR_RIR4wgbcmQU/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1488-69-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections