General
-
Target
4972-7-0x0000000000400000-0x0000000000442000-memory.dmp
-
Size
264KB
-
MD5
b0f7e71fa6251a7c05bbe25d8ff0e3d8
-
SHA1
a5e057bb84319e381e0894c692e534ae8abd1a9c
-
SHA256
369bc7208ac6530bff66d7ac7f2a69e06720d2a556faf43073c83a5c6ca4836c
-
SHA512
035eb3b2f969bbde314e492dad78653a0b1e19160e461f88083e89e6fcdf1dd5be3e88d73593d62ead0a3e3d2eaf510c58d547cdde0ccf9bcb211d468027c91f
-
SSDEEP
6144:Z/I1LOWWpfXHv/s14HtRepell10MWHpnL:hrdpfXHv/s14HeS10
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6570371458:AAG_RQQpUe6dM0JIuWK3cSdz4tPlbJ3-LX0/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4972-7-0x0000000000400000-0x0000000000442000-memory.dmp
Headers
Sections