General

  • Target

    1092-100-0x0000000000400000-0x0000000000440000-memory.dmp

  • Size

    256KB

  • MD5

    ff7e5dfdd534274988d36ce9f08a8b90

  • SHA1

    e7a3ee14092d21bd108cc1e8aae2eb0268712050

  • SHA256

    72cba8a21a8b3f2da25647e8318734a7c15ba2d433db6949da123d5384ff1fd3

  • SHA512

    9214058ae47496b52ca79b2aa1686433d153fe774e3f9bcd678bb63501046ed38f703ad4f243113e4025e0247526ece46fd7076c7e25af090b61703ccefa87f1

  • SSDEEP

    3072:1B/C7Xjnb3YS6PF3SrmIvt/0JFIvK75NKJpqs:P/C7XjnbIS6PF3SqIvSJFIvKmJ4

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.aksumer.com
  • Port:
    21
  • Username:
    aksumerc
  • Password:
    211116.kS*-

Signatures

  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1092-100-0x0000000000400000-0x0000000000440000-memory.dmp
    .exe windows:4 windows x86 arch:x86

