General
-
Target
910000304ded0b7d71f772a41e697d72.bin
-
Size
82KB
-
MD5
f7ef0342007ba55e8605a58409b31e2d
-
SHA1
4dcf8b0a19424d8b26d5ff7be97b76ddfa377c42
-
SHA256
a6f26aeaaeb22c65c55c02c56dd9f94b4a9f9cfcfd226f3bad98f100eacda24c
-
SHA512
61de311911d69301df7d10b426084b8afe41d658ee2cbe809477916c779c16e62ad632737e1a232e6abda33c928fc7e7815222ed4eb689fffd50994ebae9c513
-
SSDEEP
1536:c8J31qQ3Bo41x4W07spqkNthhW4H4BYxYPRMEwm63X1kTNc5IZ/mOw/0sNKY:731qgNd07sp7hhFXxYZM5m63lkTaIZuh
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6274305207:AAH5YPuidA8Ry1ixmINxRICUhFKpXUvENJg/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
910000304ded0b7d71f772a41e697d72.bin
Password: infected
-
f03427705f8aeb1b5f9ef7f9f5382a6c666bc20cb811304421e1a3242a2f4ae3.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections