General
-
Target
4048-10-0x0000000000400000-0x0000000000444000-memory.dmp
-
Size
272KB
-
MD5
93c566b11e2c8f5602e8464d2ab3cc35
-
SHA1
691dd6e96995aa52c60b91cc62d8bb24d3cc8dcb
-
SHA256
23fa2d47b92efc11869b13e75344f83bfbcecd798b0632f26a3b4f5a69f4b8d1
-
SHA512
24bd68e90e87c322f8aabd1924b17ba462b5f64fc30d14c8bfc5cdfb587ba918284e877fb61d92cd4bd31cc9ca04b6ee3834ba00b70762604e1263d0591c11a4
-
SSDEEP
6144:p1K+d9qwJS3rpHua+EXR90ldyxM5HawuZK3ctPJ:CmBH2
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6555557349:AAFkOtBq4OuD_wA1LCGsyKMyb_dVQE4eedc/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4048-10-0x0000000000400000-0x0000000000444000-memory.dmp
Headers
Sections