Overview

overview

10

Static

static

10

2356-149-0...ry.exe

windows7-x64

2356-149-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2356-149-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    00b0cf3196af53920c95483be99153ea

  • SHA1

    389d9b889c4f357bec068aac6074959fc6dd013f

  • SHA256

    7df312c2e483277ed1b9e28926d14fb4a8f1b159732c5996c4f35087622072aa

  • SHA512

    f42bf8887fcdfaac847aa7e1bbf74f7c6649d6d39b981bf89706de94b2a1fea834bf3544381cae8980fff111c571fb3ff075623c83871a105c61280e2545bd7c

  • SSDEEP

    3072:2Bzl75nGsln7yDGPBQ7/HkEnH325oyFd9fTrJVcM7Zbcp7:Ol1GPD6Q7cEvyN/cMFc

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6118510930:AAGLmjz14DOBPW-OuVj-xMJhmBoGJAqv5to/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2356-149-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections