Overview

overview

10

Static

static

10

4520-799-0...ry.exe

windows7-x64

4520-799-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4520-799-0x0000000000400000-0x000000000062B000-memory.dmp

  • Size

    2.2MB

  • MD5

    83f1a558d4d79a5b79370fb48fe04e80

  • SHA1

    150c0daf63b8247327f0e29a1e0212ea2300ca3d

  • SHA256

    9e07c65851e20e9c118c4cd763f01d8437b2b8552f84a85a80c32c2d61ca9b43

  • SHA512

    4d48dfaeb823669c8a074d11b40a6b7e4645cc21987a431b7eca12cce35ba16a295d3c33abf4614f0506c926805faabba621adbb1136b269badfdd9c4ccd2638

  • SSDEEP

    3072:6H4wTk5ejtFfAEzV4dLqtvizQkriD7qUtDw6+AYjbBs8MmWkj:6H4wTk5ejtpzVoCvHg6rpYjb/h

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.vvspijkenisse.nl
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    playingboyz231

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4520-799-0x0000000000400000-0x000000000062B000-memory.dmp
    .exe windows x86


    Headers

    Sections