Overview

overview

10

Static

static

10

1744-58-0x...ry.exe

windows7-x64

1744-58-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1744-58-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    8801c4312b9a3afd436694a2e6389fc5

  • SHA1

    53b4c5196acd8ccfcb046d9229a1637e917f0eea

  • SHA256

    6a4c0b625c44cc34a63b0d1938f289348fd6436b5019631a5d23577b0f882f3f

  • SHA512

    c6f5584b5a50ed5f6dc7f252ee08aef2dc8bda634bd69ca9ccd60d6bfc9683f0a7051ce9d257dfbc2dd2793b82053751cca019efc3e55e6210f0bef59ca4b460

  • SSDEEP

    3072:7g1iVHFK4+VpXSr1iKgLGCaIepKUJ3NiqbRT9onmby2E9BDVhp:7g1o+VpihR4GrH3ynjxbTp

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5816167937:AAHC2pkCmy4BLJx6bBXA-0mwQMX30Ya8Q2k/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1744-58-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections