Overview

overview

10

Static

static

10

588-1454-0...ry.exe

windows7-x64

588-1454-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    588-1454-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    1cd05457ad40e60a3f65d0dbf76da875

  • SHA1

    85eed619bd08f68a9124f17db0ea5638e0c351c0

  • SHA256

    b4bc61af567b852fbb556c1a00cf7c3ba4ade099697818145c7c3ffa49e0fad7

  • SHA512

    b109aeb3a25b03d143a1ffe01e51b845a4c7bc6b7d9c8e465b2dcd693a7bad3e61e15aefbbaa24302a561ab130421972920259fcf397cbc695ef348defdadb56

  • SSDEEP

    3072:p9P5jGiyWJ2CT6XeVl5isMLabY+3W52zM+1/7Zbkb:p9P5jGiyFrXegEYZC

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6090251112:AAFgPWWwJJpHC_VceztqfggOb7ObSaTn-2A/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 588-1454-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections