Overview

overview

10

Static

static

10

1372-74-0x...ry.exe

windows7-x64

1372-74-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1372-74-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    44779ab46adceb0c369850cc99ccf210

  • SHA1

    f7f69e2617e0cfdec0c0edffa779456c7ed7bfa8

  • SHA256

    cb9908ed449295ba78f1c18fba745c0e333ef2d2fe35dace61fa365326166540

  • SHA512

    489e76c947a729fe8c38fb0fb983fbd63ec9fae621dccef9cb29c45597fd79167c50ea1471e41d2341b3d83810b3434bdcdc6a6d41b53f119d338d1016392cdc

  • SSDEEP

    3072:TrZjAxZQ3Qp4Gszc+vL9D5VC/DfuULs1uKvRjbvsDTM/NL3vo8vb/5nfV:TrZjAxZQ3Qp4Gszca9NVC/DfuU5Kdbvh

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5757748605:AAHI9rc9CYWMivLuImcQ_ENpJzN7mD9DYis/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1372-74-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections