General
-
Target
2980-67-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
f0de1b68fca1f9cf4906967b16ab32be
-
SHA1
8ac1f7e6371d6a45ec99a8d4aeddfb4ce4907b32
-
SHA256
ef80ed0cd6c323b408873e63190fe1d5a9a0767fdbd889393c80f3d0ded3b16d
-
SHA512
953857cc0ba7597ff94bb7d6732af044644384af9f445ba1eaa48f1e375e1b5fa86430627111e956f96fcd203340e8de9a374d4252cae49d5ae540d5ceb64fd3
-
SSDEEP
3072:0M1GN6Lm6E2Oplqi81QeavP8+MRz5j6sIQ/MRd+f2wjkwvCyRj:0M13k2OplR+BEP8z50oAdHwjZCmj
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6246885932:AAGIHc8OZQev2USAKiVEOTIMxakItjLS1p4/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2980-67-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections