Overview

overview

10

Static

static

10

2920-65-0x...ry.exe

windows7-x64

2920-65-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2920-65-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    17515ec62dfea328d35edef6b773b4db

  • SHA1

    8189c37cc2032d9ac73a3ba5817ca903137d8b27

  • SHA256

    ff6e4a25d85de0218fb9b9134827abb007e6c8181c5badf7111fd8a1fdbb5dcc

  • SHA512

    ecc8d1593bd49b712920442d1adfeb368fcdf01282686f0a6b279e541af0dd54607d1a0003d12607948b4d319dc4fd3ca3b1c262d7fffced51d355d7dea5830d

  • SSDEEP

    3072:QHtWF1vz1IKKxPzOaasXmCRnKXURS/FV9dOFS8UgyyAPEp/ZD:QMF1L4dzOGm/d/T9gS8/yyA+/Z

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6198153601:AAGeOg2Zin-JH1-CEJu1Iv-lkewJZkHU-BA/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2920-65-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86


    Headers

    Sections