General

  • Target

    1316-10-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    7adba4745760dcee8094b7a11c327090

  • SHA1

    8ccc6db153e4fa9def6668fcba329248e06be90d

  • SHA256

    61187fedfdeebb79842573a25d9e2f2b70f71fa5a100fcbccff22a77ff4e3bb9

  • SHA512

    ee369ccc271dbce5f2565ff751e19fe5fbf58ec9ebe6df7116bab856e3f52f0777c1e31fd803aae3d4a499b33277887f1332d90116c17029d4ae19e32dcfc26d

  • SSDEEP

    3072:oMYwTrZ9xtpIQv0eTkcRbaV7PkIop0PKNas3lz85FkXR2SW:TYwnZ9xtpIQv0wkcRbCop0kR9R5W

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.aksumer.com
  • Port:
    21
  • Username:
    aksumerc
  • Password:
    211116.kS*-

Signatures

  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1316-10-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86

