General

  • Target

    4032-130-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    837ee43133bf445a17590716a12d6428

  • SHA1

    7ed80264069d49be822923737c1e4bd218d460a6

  • SHA256

    7bd375a80c8c5821c695fe7b2444d39079c8d573716e857e34ad3e92dc716c6c

  • SHA512

    c2c426475a228b3acacda47826ca9fa82972f139798da76af2a8a49e5185b594a7cb9968cceaca80dcb6f0c32055ee141ef1ea47832d875dfca546ab3a4cd69c

  • SSDEEP

    3072:EMPPX/KzYlD2d+Hzt8Kri77bOLEOYuQztFpZI2jRpOVdFb8ZuR699k5:zP3KzkD2d+HzeKri7ME0opZmd/2

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://discordapp.com/api/webhooks/1106544607786967070/X18lyDcr4xbBtmlglFWjQ9ZY8FamcOVt6ve8gQxoc4VbXg223ka9eE5CK6TxZbKN1p87

Signatures

  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4032-130-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86

