General

  • Target: 2948-21-0x0000000000400000-0x0000000000444000-memory.dmp
  • Size: 272KB
  • MD5: ad009f13f129f3bd7842aef060f51363
  • SHA1: fcde94117dbc0984f87812469524f7b4303230d8
  • SHA256: 4a3281e1e2fd1dd4e2cc9a56212da0910877508552af628cc500f736821ba4ae
  • SHA512: 3c9109fa64c0dd5f050dd75de2e68ea82af120d021b2dc6599be30ef93709408fa7aae7b1afbb44c4360ba872c99f42a8919183395a82df90336566bc9ec581f
  • SSDEEP: 3072:gSA6i3tYgoQIS0OdEPLmUQ67tc7e4Koav5u/EO5PU6bi:gSA6uYgoQIS0OWPLzD7tciTzeEOl

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6488735902:AAFjq98r8SzTcc0BHWZQiLUk749fQ78ULos/

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2948-21-0x0000000000400000-0x0000000000444000-memory.dmp
    .exe windows:4 windows x86 arch:x86