General

  • Target

    240-62-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    912b13a2b0f6aa17c03a00d4dcdb554a

  • SHA1

    4431f564d13b7f425cc7cf1eadb657119142ae11

  • SHA256

    8e250293a355c2bfc4cee3fab198a087bc0279be1827812a811e4b1fac4326ac

  • SHA512

    ca5f0a21284dec6424889b7b9952bac5e914fcb565bfde2915bca3e213f72e8a7210615925fededd03935171da7b4e75fd557f5af774a77cf36d4030c4d33551

  • SSDEEP

    3072:WMcIYoqJQid4GYV1FvunDEtNlFiKrdgLSbbMTLT/swe4PSF3XwU:vcIY6id4vH5uDyNLRdggqL7KAU

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://discordapp.com/api/webhooks/1105072490759335936/SkDE88Uz7UIfYpC7ij88P4YyOEWYBxfbP7WJoClmvw7bfAFm4yUUru88PKyy75tM_gBE

Signatures

  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 240-62-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86

