Overview

overview

10

Static

static

10

2652-8-0x0...ry.exe

windows7-x64

2652-8-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2652-8-0x0000000000400000-0x0000000000444000-memory.dmp

  • Size

    272KB

  • MD5

    543961927060a431408bc9edbc0e8325

  • SHA1

    d96953a0e32bf91b43e7bfe464459a63b7e46dcb

  • SHA256

    46d94e7dc2f988d38d8b2af73e199c2bcec1d6a6472180be118a388d9a6f2ce6

  • SHA512

    c9c67b1d32fc52f4b394f354393471794a5bed96783ac950c93a36269b7312b9af58deccdb632343d4d291a77d3950b635f711c584d2607da9b3d74269344aec

  • SSDEEP

    3072:iTv59vr9h9WonjeSaKGUU56iwOsx8VdtLsT5IYKblpn2P:iTfvr9h9WonKrSU0iZs2diiFblF2

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6773173668:AAFWh-JhVVG8JOWxPWhvJOU4-G-m08U8WXM/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2652-8-0x0000000000400000-0x0000000000444000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections