General
-
Target
1404-70-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
06cb8d8ac2c236702745b0b704eca875
-
SHA1
b2c2600515f7ae8bfb78d03949c3dd215ae63738
-
SHA256
f2a49e7cb9e3e689c350a503211f3aca0807e8355ed82dbe7215fc446ff5cd08
-
SHA512
662cf71300661a6cbd7e62cb842846e7f84c8bda3b73162f9446cdac7bf3b2f2275561c6a767fed6662931287e248c6d31495243740f2dfde1f1c4e86e7b9221
-
SSDEEP
3072:tuM15L0ViDrwZTr711wChSpHG3kYXRcjaLNaivFGjElXvOHK6:gM1NwZp1RCFYeGbvlNOH
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot5711515928:AAGr5pLEJgjvMf5yBzvNPjftYdw-oXyzKzg/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1404-70-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections