General

  • Target

    1408-166-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    50896d2821ead8feab367a87767cd1b2

  • SHA1

    70bc44835f42f6d2467ac2d1c8be8984003d35b2

  • SHA256

    df62d2e86bdfae168953a23a63fcc762a66df3c37b25fec6692760ac9a2ca587

  • SHA512

    ed6d4187bcf7379ffa7f2a3c457100557cec262f5b6676928e6bc5df16ee82ad8c36d8817a86ed210d72457ec8addcc5766e28db17ca8691b296fb6bc0687a51

  • SSDEEP

    3072:d7dlkVQZLcPw5cnNkc6Hp9/cg+SMt4NTy8z3PAG8:d7dxJcFNkc6J9Eg+CN3z3oG

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6125345128:AAELaNDC6VdQQywdvqd5w8Ps_ZT19OAINe8/

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1408-166-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86
