Overview

overview

10

Static

static

10

1512-63-0x...ry.exe

windows7-x64

1512-63-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1512-63-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    cb4fc3838fe15f26157af56e2138dd13

  • SHA1

    dba2b19c59cd2f27a3c1918640e1e65baa8e4637

  • SHA256

    ab589496f6e03772abada3c691445d600633bfa129ae2d68d906766923738175

  • SHA512

    2c5b79b21784abb563fcdda5ac28e2e57118caa4a344ea7dbc082aa0076453e8c5c02f9119808e7094a1660add01dd12cf4ad598bbff1e7d2cc31ce2258f308b

  • SSDEEP

    3072:Qg1j635AF6rPv1xeoGYr2drgQXcTpk6GM9vfU4:Qg1itpxbGYOEQt4

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5868174658:AAHJslM63unQc1JNkwJs4OwvvEIysDbvCpY/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1512-63-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections