General
-
Target
1888-1466-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
ef6ae5f10cefeb3c15d7a1f60200ef74
-
SHA1
696e39d4b3ced01c16dbaea185c018422744734f
-
SHA256
42eda11232cb180927e841f60200470d259bfc74b3f726eefb4cafe12af4dc6c
-
SHA512
a51ba29be465cdac31f72a9b7c5b46bd3d975b08587cfb3ea13fabbb05bb0738ae3624a7dfd5cdc9c15ea2c3f3bda70cd415c1c12d1d64dffc8508409979ccec
-
SSDEEP
3072:0TjHF0Wo0HLBksy8w+gB85/PaYVUZU/61TWkNp+yeBzWElgxSH8DesAkSO:0TjHF0Wo0Bksy8cB8VPbiEWSHYxA
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6381763542:AAGPjs0vqAwhS1NRGwd5klpiWT8aP65rMm4/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1888-1466-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections