Overview

overview

10

Static

static

10

5092-144-0...ry.exe

windows7-x64

5092-144-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    5092-144-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    8dbdee78f0b878711b54b59f2da0199a

  • SHA1

    4a2e96443843a14c8619a62f4f29242811b01674

  • SHA256

    79d8245786af4fd544e5cd483b3eade85b0ba161a7718d19af065321c1b6ff2d

  • SHA512

    1bab58c3f22cbdcba5064647afee7a0e51e3ff058f8437bb0a1a07cb7c3f8cbb3c0588e210cacb950699b222fa985e0284b5fa0504035a92be5dbff0755f9844

  • SSDEEP

    3072:ye3DuY/HkGHCzi3r6OE0F99u73vTrMvH3R45jPvCyMJtDg:FdHkGp+rg99SDRXK/D

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5814058627:AAFjPgERfyp3AZJXAfISMezajcw2VR_A_9U/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5092-144-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections