General

  • Target

    2444-11-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    09b23513edbbc443db432d6c3bc034fe

  • SHA1

    420b142699f590f6eb9f92cf93e7b0c6dcba61a0

  • SHA256

    32a4207c2178d21386128bf872c9891e611c4fe62f47cca1bedd791775328119

  • SHA512

    430da54780f9c4e6fff74d0b422bb6dcc8256842452d5b0ce8c445235333c501dc1a4e12e36ce363d040a4b6e31ea4bd14bbae0754ec8a86c9085d033d9e1f7e

  • SSDEEP

    3072:swgbYMHjvDTURGZXCyX7bkhxCoCinv2ucvHr5bvc2zs:bgkMHjvDQR6LX7YXeiOT5c6

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.bestmancms.com
  • Port:
    21
  • Username:
    admin_super
  • Password:
    P@55W0RDs2023

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2444-11-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86
    Headers

    Sections