Overview

overview

10

Static

static

10

3868-1091-...ry.exe

windows7-x64

3868-1091-...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3868-1091-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    5a31a33e81c03a380236178f2939f043

  • SHA1

    b812992f2405b9b58e7ab69c523f2b96deb45e08

  • SHA256

    929333a9755349745a91ada2daa73099eb6d142173a2eb173f983d7b50ac3c85

  • SHA512

    0b7ff57631a88fbfa72a46357c787f46741839a84ba974938e4fca952136230a9d559c0560b850e9dba10b0ebf3d868d98fb4b3d9611a326b84f01a760c80d10

  • SSDEEP

    1536:k0LMKWVsYjtEE+UmPM2D7oApLddTgfmunkHdWWR9WZltn3roFFusbwWp+J4hXVZ:L+D+HRkAtdGnk9WWR94f0nXwW8+Z

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://discordapp.com/api/webhooks/1145251777952886784/YHlqQB8-CLI8j31rwP_EM7zqJEQJXxU_Oj2JYZGz03XJ2vHM4R3mj7a-WhMivxm2KvdV

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3868-1091-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows x86


    Headers

    Sections