General

  • Target

    268-111-0x0000000000400000-0x0000000000615000-memory.dmp

  • Size

    2.1MB

  • MD5

    fc206fb4396ae0718773d01a9c163e57

  • SHA1

    741660cc23b0a1d8b75599fa29f2c8ff60e2f1b7

  • SHA256

    b91da7882fdb392ec1afa147b385e665385a53d20c474607879b9b99e0483a60

  • SHA512

    ad5c9e8b3fecc161e02914abc21c9a5b30b20553aadcff2cd9bd4d290c1bbe3f97f41933e137fb4636806ced594c6b3f6e40c4c00085edfd6d860c9cd3342211

  • SSDEEP

    3072:9ycZ67GPtuANfae+HbFcW/owMOKaCYtm3qbcDWwoqEykrhF01ZNOL68:9ycZ67GPtuAqbFcWlHloshoNO

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.kamen.si
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    Americanboy21@

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 268-111-0x0000000000400000-0x0000000000615000-memory.dmp
    .exe windows x86

