Overview

overview

10

Static

static

10

4848-13-0x...ry.exe

windows7-x64

4848-13-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4848-13-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    193e94d7dbfe5bbdf31a4d6b26552dec

  • SHA1

    b28488bc46b8ff0bd9810c08ec3b057a386fba2c

  • SHA256

    b16c1aca8ee3e2ec5674c2c3e977ff2669e553957936c8bb5c08569cb4ccc076

  • SHA512

    845ab2e06cc3fd68039a9180d00930340bc29f6ceec4d5fe43672623b3b696fd390d915fc2cadf3464872ede59dc052da9cfaca515a4bfcc5b4826107722e0ce

  • SSDEEP

    3072:quUqweuueOXLqipBpw1NNLy8xLfFIA5EK5SalOzYegB:quUqweuueOXLqip7S48xLas5bE

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://discordapp.com/api/webhooks/1166302871613087784/nCg-9BRiGEVs0MiVwMTqq2QpA1zjZAVmt6WwJeafNmLmk88WIG2BMzUo6OyGTXikDTY9

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4848-13-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections