General
-
Target
1084-88-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
a44561241904184329c3a0b1e8facb25
-
SHA1
67da109b3ecee2e0366c70500a80359a2b11a520
-
SHA256
139d4a5dc24e0b4322a6d703be3abaf5b5a5b65421863ea26efd39e4b40333f8
-
SHA512
92310a195457c07673a4e957acd3c1dc0768b526810a41372313b670f49da899665c30fffb42aeb72717dfef6a6c0a9c6465417d24a570031a752ea51cd93853
-
SSDEEP
3072:5MxAarnPuL8eHIXx3GohwP+7wOwpY0/DhbgmBKeGA:5MxAarnPuOX5GxUwpFDhbOe
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6381416776:AAGJkWrlSonqQPI9MEgZDaCvfd7LP-ED0lA/
Signatures
-
AgentTeslaV4 1 IoCs
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1084-88-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections