General
-
Target
4204-1468-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
1520377f63e1536c0a4cec2cdb474843
-
SHA1
bf9ce9e77e62095746a14a63639b3d6daeb745e0
-
SHA256
4a0b66ff253830a0c8969d1edbed2213b520a6825323426fa0a35337abac0e9a
-
SHA512
582542702f6a13972419e07739745467409c19bd1273a44f6c456a02e989159e321ee3b47f3d94b16520d2a83a72f836a708c791e837d2ceb7951b883f665200
-
SSDEEP
3072:ug5EajV3AONhocPmQHAhBN45AVIBxgCpn6eYYW:ug5EajV3ncYmQHg9V6v4e
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot2100759405:AAFphK7cYgUbgYOzFOY1TteK62Xc4a2_vQk/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4204-1468-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections