Overview

overview

10

Static

static

10

1324-13-0x...ry.exe

windows7-x64

1324-13-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1324-13-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    ccba247604f7661bc720f95b9d7611c7

  • SHA1

    4e78d3ab106f24711ae2b087bca51802862c5dc9

  • SHA256

    21a08724ac0479cba21f2958d0bacb305101d1f7cb537d667f20907051f1491e

  • SHA512

    ddfabb599c6f96f12b87230aef4685ca84895f9c92c268732bb827dcfdf70c1aaef018c50db96072c15639b0b4426501ddb503178fa4b6dc41dea6ad03cc154e

  • SSDEEP

    3072:15qP/JmLDKLuB+/0EiGYGVBWcPmxjOBJgx63VNF0:15q3JUKLO+/z1tWWJu4

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://discordapp.com/api/webhooks/1152044580930330757/oS70yKF0Llptf4YanIHw96VR0y5casQRgGeqSg4wYVIGp4oTqb9S_TPlww6YsZeWt2S3

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1324-13-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections