Overview

overview

10

Static

static

10

848-1100-0...ry.exe

windows7-x64

848-1100-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    848-1100-0x0000000000400000-0x0000000000444000-memory.dmp

  • Size

    272KB

  • MD5

    ea6db7b0c377806cfd9cf5efff7f959e

  • SHA1

    609f10e5d36e6e2517ad1c891a86a398c1d62d76

  • SHA256

    61a3c2a35d120f29487814088c4d40f82976249ad83934e7b4afac75bf44b644

  • SHA512

    bfda80cadf736f5a34516a7456256c58551acb5da58ab9c6c099b41991e08e4809f88bda15da0db46c26d1a705abc93ab659c009acd120169e04a18d7d68ee91

  • SSDEEP

    3072:Ef+VPdDxYsnYQdJxJvTvgE9w7gVRh40XGDNA37:EfWPdtfYQdJxJrvgHUe02DW

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6515773992:AAGxfvtfi52THqf0poVikQjud-DY6wxSlIw/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 848-1100-0x0000000000400000-0x0000000000444000-memory.dmp
    .exe windows x86


    Headers

    Sections