Overview

overview

10

Static

static

10

2836-89-0x...ry.exe

windows7-x64

2836-89-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2836-89-0x0000000000400000-0x0000000000615000-memory.dmp

  • Size

    2.1MB

  • MD5

    8e3c68539cd86a561c23900f3173998f

  • SHA1

    c10fa80f38793f06b015e7ca2442ca22d677b86d

  • SHA256

    0917a9698b64ff4130f399d560b08b1dd62f89afa5bf674dab305640250cdeef

  • SHA512

    c6bea784b76d0d87c5b42325b3956fa17dc767c8e1b2203915b6d2bd27260207d5bb55d03daf0c593656c32cc30fc9ca8398fe56426de4778c634c21e7120838

  • SSDEEP

    3072:aIEjaGPvHtkgXqoAxokSQhluFFizhh4b+V1gnoHDQME0G3a:aIEjaGPvHttdIsUCojQME0

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.gerimpex.com
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    playingboyz231

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2836-89-0x0000000000400000-0x0000000000615000-memory.dmp
    .exe windows x86


    Headers

    Sections