Overview

overview

10

Static

static

10

1744-79-0x...ry.exe

windows7-x64

1744-79-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1744-79-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    2501e2ecbdde5778f833d88b5a8b734b

  • SHA1

    b102fd5c53c1d582c6baeaf4911913d8eef9eee9

  • SHA256

    eb01551f2d59ebdbefac4ea129a5edea19d6966073d4fd5b4c9a49d2beabf8bc

  • SHA512

    24a400e47918eca1e3c85e377dd41cbe26e896e441b9607c819cef5bb76e89eac7804fea4e46e260d342cea009386743fbee1d0acbbe1d553d0149857225dc9d

  • SSDEEP

    3072:lM1IhUYvd6Ru1Hk1EHphY+Go9qgC/U3rxiFM1Yfk8:lM17qHk1EHre/Wi

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6112610523:AAGK4brrgvKwLFOTAeLGi7mJGyww6rZBns0/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1744-79-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections