General

  • Target

    4176-142-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    c248f69293cc50f8a87075e0be07a0d5

  • SHA1

    bbb74823af5a156ddfe5a1da9437278cb5663a0c

  • SHA256

    9868a1a77ece9558bb25d44edba682c053511f56bde2b869c7a0643904aafdeb

  • SHA512

    5f549026e45e4d67f6841aebe754a5480068c3dda509bbdc5c70daaddcf02d7fe48c447385b4c7ee21b83e530019ed00179ae254546c198a2232ebe3e7402fa0

  • SSDEEP

    3072:DFBIQcQsQL3Irj1dpD+rWEzjF1GBnFVHDgxBMxkl+1aDiRlKTg:DFBv3apzDkWMjFafD4BMtaAET

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6019964522:AAF4GL7tiulCBCd_CdLMmgPQ-2YhOYdHGMo/

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4176-142-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86

