General

  • Target

    3372-140-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    65c7f5e1462caecd805dff6cb62f87ad

  • SHA1

    f24dab3e1c47194eb2d458052a2a4d8199d57fab

  • SHA256

    2cb181533a1942d187c662b890976920ec837a1c92b399be2dd5ebd77bc8b813

  • SHA512

    2fbffab99f97b917cf737628b125e1584d8ad90efb141ce920e8fe9fa22bbe63358b44bb0edd84a1ac6795ee2f19665d699ef4d5074298ac04b473ff75baceb5

  • SSDEEP

    3072:StcRfabjbhV1xXqev4EBO/26ffgQoMgHUQursAFwcG/iezy:St1bjtHxq3EO2KgXUBJyrJz

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://discord.com/api/webhooks/1105328307010015232/y3JHG4bp0jeynHE4DQgvB8OX8QijYxrk2CH91SY0HvNfeBptAktLBqo7Ix-7GllXk9Gz

Signatures

  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3372-140-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86

