General
-
Target
2880-65-0x0000000000400000-0x0000000000438000-memory.dmp
-
Size
224KB
-
MD5
78dd036f7c400d3f544fc37d6712135d
-
SHA1
1e3b238bcc29afeeb78c51ba9570df64ad1d3e7e
-
SHA256
09058c6b85f2ff84aa441937e63b0fb5b0897ed5ee95680cab4711b0f20fa8c3
-
SHA512
f0b98592a96f4f4cb312b74297d3783d8051d6cc96653ce34f230fd3b1a0d9e74dfb94ef6f702ed8842d894394f789eadd777181399dd3416a74d46ab548ddac
-
SSDEEP
3072:ej4hcbHabeiLOM4KYUpvpmx5UFkpRj57WRK1YipTOE0lnnQqQtIrYp:lGb7K765UepRj9WRK1YZ5nlQCr
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot5752794370:AAGHbBIUSUvwQW5dpdi3bNZyPbHwpEPD5r0/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2880-65-0x0000000000400000-0x0000000000438000-memory.dmp
Headers
Sections