General

  • Target

    856-1224-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    8f7ee48ffb87b4c6f990179939015685

  • SHA1

    88ca4eecb15dc8df5533d7132c54985fe5fbeddf

  • SHA256

    188d52a9d180e537587fdcb773a4c7c1780009a6f0d660d000dadabbbadef042

  • SHA512

    a2cf786f32782536efdef319d5af9d87bb2ad115dfb37233759006ced51bd8a6295c2000e1e3c3d8736d16d7122be20b15476cae76b4d6375884ae8a280250b6

  • SSDEEP

    3072:N8BIezXvvA1JXnMsLaYh6SoL+6UpEN1uh377CYbNqkFgp3:N8BIezXv0XnMsLazSoLX91up7CI

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5866125639:AAHczhVa6KsnPdrAfpcJqJMrQ8ZeqF9Y-b0/

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 856-1224-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows x86

