Overview

overview

10

Static

static

10

4412-134-0...ry.exe

windows7-x64

4412-134-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4412-134-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    e7f0eeb848f21037b3a603031b4cb018

  • SHA1

    3985b4735bd2c0d3150515cda81e527a8e23df40

  • SHA256

    9ee4824bf12421f8c63aa1cfded104b98c31c8f194b994eb719f275151f4df52

  • SHA512

    796445e3ca76914c2752c2069ba12689afbfdfde338010c3fe65206432432bff52e7c28a32a7ae7756900ab28d1750efe458073b5322c1fe506271dd12520666

  • SSDEEP

    3072:M/TjPdOwaKr2s/+T/MUq9IHTpy5XVQ92dhcE6HNZ5M3:M/TjPkC2cxIsbdei

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot1836400811:AAHbceSsBewgu2-18DdhyOIr5kwyIr-_36E/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4412-134-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections