Overview

overview

10

Static

static

10

1452-89-0x...ry.exe

windows7-x64

1452-89-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1452-89-0x0000000000400000-0x0000000000615000-memory.dmp

  • Size

    2.1MB

  • MD5

    57331f4a9be22cf26eab4e5b1cff9e3b

  • SHA1

    619514af8e8670abd5bdd25fdf1782b8ab83ce62

  • SHA256

    1352f4307c36c20cbf540df7dfdf54171fdc570c98fbf9e29da6e5b1168878f0

  • SHA512

    c85baaa2a9136bca2bbafe5aa611b89be8e5226e84caa46b2c09c0ed2f998c8e30a7a2c19a6d56437bee74e4e183149fe8f1aa8413999e0869497b64cf6880e5

  • SSDEEP

    3072:vWc1PDNJ/Zu6zqsou9fuBldauMuB3wCNheTR0Z9l73Nmx5Qlxan:vWc1PDNJ/ZuaOu9cH/SWU0p70x5A

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.kamen.si
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    Americanboy21@

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1452-89-0x0000000000400000-0x0000000000615000-memory.dmp
    .exe windows x86


    Headers

    Sections