General
-
Target
2888-20-0x0000000000400000-0x0000000000444000-memory.dmp
-
Size
272KB
-
MD5
04166efdf86c29238c35d5a1b35d8017
-
SHA1
6161e5e16c97e985e0cac6b510584a1f0fa27eed
-
SHA256
cca97f5b72fa0d6c1d735ec2bcc5bde166cb62c829487c9c80cdc13f85e28112
-
SHA512
f237876623bce6c96df7d2495960097b2571fc691bb656310ee31bf51f5b194d15053329e3284518ff24d5ebd736939430cabbfda06048c902fcd7924df307e6
-
SSDEEP
3072:mA+YosPCTTr99+C4R6dIAYNW+AkKPe5E51+35p42Q:R+JsqTTr99+C4kNKIe5735G2
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6676162751:AAEd1syJ1UBFBOUpPrSad6tx_yi_Gl_8ZC0/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2888-20-0x0000000000400000-0x0000000000444000-memory.dmp
Headers
Sections