General

  • Target: 1692-5-0x0000000000400000-0x0000000000430000-memory.dmp
  • Size: 192KB
  • MD5: 7e68d6cb720fa2d0bdf50f153efeb707
  • SHA1: 78faca7940f1a95520c7b7f3a556f2caf302bfa3
  • SHA256: e11d791ab1b1ff599041d1570a515bdb58541d7a5b74caadb3a07b8403f34531
  • SHA512: 76545f9cc47b33398c299f8bf2d77e48c370b46d8d96a7519e53af2878f438d0ec40b3dbcae6132194de5425b442a4b4a83524e7865c602bd177709b7b056513
  • SSDEEP: 3072:jqIpr/IhHtaRGqAbnOnEQJJ1iaSehMVSbyBUVte4vfwCNOaeP1XB:jqIpr/IhHtQ/onjsA920r2e4XcaeP

Score
10/10

Malware Config

Extracted

  • Family: agenttesla

Credentials

  • Protocol: ftp
  • Host: ftp://peruglobo.com
  • Port: 21
  • Username: [email protected]
  • Password: YSw&oCV&c23w

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 1692-5-0x0000000000400000-0x0000000000430000-memory.dmp (.exe, windows:4, windows x86)