Overview

overview

10

Static

static

10

1208-6-0x0...ry.exe

windows7-x64

1208-6-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1208-6-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    4cf73330422cbb41902b87bccb5a7bee

  • SHA1

    8b2561ddbbdd318f2453ae819cd0dbaf0bfd26de

  • SHA256

    f3b03a177b634a169da45f82cedcfca2cdb86217c7788f28e602ac508a413bf3

  • SHA512

    5e66eaf75c728c7fd39e6e029115fe6ee36be510deed84715532fd797754db7e72bdad37438a2c88147455b5c839d5fd0afbb7382e19a7460327b903cd453d5f

  • SSDEEP

    3072:9LVD1J2P261lj8/Zj7SUxoUpbchxUrXPGlpKkmb3L1:9L8P9lESsoRhjINr

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot1887454391:AAEO-M9D-t5rRvqqeYNx5T_JO_S6Zp6FZaI/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1208-6-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections