Overview

overview

10

Static

static

10

540-1454-0...ry.exe

windows7-x64

540-1454-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    540-1454-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    803c070bdec1697435755cc199abda6e

  • SHA1

    0aad6a9b996d52c0eb6c97c2728b08e34ff9d97f

  • SHA256

    2409562e0142a31a1b39bf19b1417473212cbae9c7869d29b41edca171c584ee

  • SHA512

    beb548cf587a22e88b53e40c3a0c23891a764db34986e111a23c07d2849514e31c4fc92840279aa1e6af4398dd155c5052886dec7a2e8a4d150ddb7b85372c73

  • SSDEEP

    3072:mLLPxoJ8MY7QkCYECpStD71RTqRxD2+hCCsHMlOcxb2MPrjCoty:mLLPxoJ8nXCYECpSt1ly2+hCHiC

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot2100759405:AAHQxGXNxGeuNgcAgCwnT3oqpIfFhYBuhgo/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 540-1454-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections