Overview

overview

10

Static

static

10

2620-82-0x...ry.exe

windows7-x64

2620-82-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2620-82-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    4d97ef1bbaa8785c39a28ede944173b0

  • SHA1

    0fb1329b04e905013b10ba39279035918ddaae61

  • SHA256

    6fb7d72a217f1447766b3e1cc9378eac67b0ddc3d43373d0d8b61a85642ee016

  • SHA512

    380ef10dbf3726ac1579ba2c51a0150b435b936c20a9ce7930e1ca6a4cfe27d7762e1df6866e7f3ec4488040cb423793393cac2ad4fc30091443221c3163581f

  • SSDEEP

    3072:I3kLt8h3he7/CQiK4v1eyL0KpdblNb0EOXh4e37ZlR9ZMGXJhIZIHRae:I3kLSwzgeyL0KpdblNbhkhbzfJg6

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6250389540:AAF1KME0gXOqQ6YWKB4YQVexdl5p80Fk0cc/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2620-82-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections