Overview

overview

10

Static

static

10

1284-67-0x...ry.exe

windows7-x64

1284-67-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1284-67-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    13ed1200ebc6f88cb77a15446d0eb45c

  • SHA1

    6a7b4a2aa7a7df9694289dc06511ad1d30bbb503

  • SHA256

    8c74219b00bfc35ba5526854983c3d0322de6689a40ab48c07112a0325f93cc7

  • SHA512

    59e691298f364231959374e1d07919e531797bd4a8359c09a2651166fea5dbd9500e34f2864c281454747860082ac7701cbf3896d28d68732c1032ce779fa190

  • SSDEEP

    3072:g77nlctYkfrLRVHXvMJW3NFZ6U+nMNply5q5qYoYLwt:g77nlctYkT3vdd/x+6pB5qYxL

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6095065252:AAFMlBNb8wNUtNzp-GlGOqduhEP7RbuP2P0/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1284-67-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections