General
-
Target
2964-7-0x0000000000310000-0x0000000000352000-memory.dmp
-
Size
264KB
-
MD5
e6c1de7b259cf05b1058c86bd5ba27ef
-
SHA1
453a336f206e498dd822dcaa0c32e9927ddaabb7
-
SHA256
83ef4c32b412d66aa4e44d40a693ac11f3f823c2fd87401a868f0b623c49514a
-
SHA512
97d36d6c90214dbb23f195c609aff2b6c3f7c74d956558f58c2f8465c2327ff4bfc9089cee49c0cb932641f6306cfbfa77bdcff4fc2a98cc6df09598175ba784
-
SSDEEP
3072:eE4MueuueOgeoffJeoMxccA0hlgtSVdG5i5IQFMAe:euueuueOgeofxeoMxcKhmtSV9IQK
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6855166222:AAEObSa5lE7Tuvkvs9nlbOEfO6lqJbHLXVo/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2964-7-0x0000000000310000-0x0000000000352000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections