Overview

overview

10

Static

static

10

5008-140-0...ry.exe

windows7-x64

5008-140-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    5008-140-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    d43368fe792b0842944c5f6ad579aa6e

  • SHA1

    c074e8a0b5bfc1af4a7f77cfd8153bd25302e4f9

  • SHA256

    ef8a31aa6cd549b78664794e979873e86f30590ce634349134a69a1a89aaff3a

  • SHA512

    fa62f4dbc5a5ed0ff40724a2d4e6f89f95d65b8dc64b989713b2e2323b4a06dab1193c3bade01694bf356ae1114658fa065c15b82819b48fa6a9832d260ad79e

  • SSDEEP

    3072:KkBoKjrnuXolFze0xZrGeBXZAdQvJDCZ3tZAkK2KBcBrmIV:KkBoKjrnuEFze0S5oDi5r

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6272036226:AAE-NMCN6wm6pB8NevxLxncr1cZIIJkq-10/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5008-140-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections