Overview

overview

10

Static

static

10

2948-8-0x0...ry.exe

windows7-x64

2948-8-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2948-8-0x0000000000400000-0x0000000000444000-memory.dmp

  • Size

    272KB

  • MD5

    08ec2ac3fb5feb1f8aa2cffce1490454

  • SHA1

    17b9409959bddf97122ec8010052a33f48729718

  • SHA256

    4652ddb70d5758d7ae9a4d051030ffc5d3c34608182677ec3f62065b605d348a

  • SHA512

    4f4711cdb0d02fd341cefa2283010d842594a87d4f25b73bee5c32a6b8bc102456f8acb36d99cb728549dade6e13055eeac97d9c6faa5a0c8a0b89d095cc55dc

  • SSDEEP

    3072:ElXcLJi7fL7SpXox9DaJETt2zpFUyh0q:yqmWp4x9DaJ31FUtq

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6145265913:AAHEET6AZHMIk3_miPzzVgjfMdzux13Lcg8/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2948-8-0x0000000000400000-0x0000000000444000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections