General
-
Target
2920-65-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
dc7a802bd641d38ee07a422c5d3074fe
-
SHA1
9aae15f91a8772f4e9a85576aa9fc2e716d0feef
-
SHA256
b68d10d56b71a46e037aabd8690c12863eae437dcd00889001eaf1a4fd644d58
-
SHA512
7fec57897f3d7a3bda9a037ed17ee57ed96285dabdc41852f4e1d521168a444962b690fc94ec2690eabb13fd590201be2dbb6c2ab254106845c50f23aa79274d
-
SSDEEP
3072:phTdz2PSZewWj8l7VW2byp5SDqM5xO5cuIE0mf3wWzcQ6bGL:phTdz2PSf7VJyoOOERP8Q6b
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6137371997:AAHtnpNnI9wnDrVDoHWPPvplE3NNhL2C52Q/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2920-65-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections