General

  • Target

    3972-13-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    454568b1abb4f602da04cbb73fe2246c

  • SHA1

    c9788ca0566c059b0fdebc35c28be024f3e63b20

  • SHA256

    7fcc70d8da71b9fcacd03480ce261613c747e0de62f88c135152227a9de7a62f

  • SHA512

    d805873201c0637eb4d052823102bb22bb6da751928c1c56f1b042cd0638034a13e2aa7dac35748d77389a8a79be4018cdd1103f60285e7135cc3bba2c093bd1

  • SSDEEP

    3072:Z9fji2luWBji3gSEINjNM69qmMAgcJkEAXL:Z9f22lFBji3gSrb9qmp9uEC

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://discord.com/api/webhooks/1153223870891958314/4fjTdg6uWPR-Mfasd2z9A9lMK59UySWkNCvaFZXMHtU0FDbkkjIMF2XSDIeUY1fHd9R4

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3972-13-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows x86

