Overview

overview

10

Static

static

10

2916-152-0...ry.exe

windows7-x64

2916-152-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2916-152-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    977ac7b14899acd8d52d21b2ff1196d6

  • SHA1

    cdf2bdd03324fe7a0de4d944a9e5002b499494ba

  • SHA256

    37ddaa1de927a333f5207106edfea13f54a0e98cd26267973611045e93edc2c2

  • SHA512

    d9de127dd1fbdc914dacc55387ac07900deecb3d1184fca9edf94f11854d9c4e9b069cccdfe0deac5f7a83461ce40da3e7bfb0f8a2a61fbda0d7efe400e463b5

  • SSDEEP

    3072:+oLKTgmXk6QZH2XFG7QS2vwY8IMK+GFalQD46hYIaCT:+oFIVjSbf4+GFa+5hYIa

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6049792420:AAHwUyqJTP4pl8DBra94fSd55sxG3oBrU5U/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2916-152-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections