Overview

overview

10

Static

static

10

4688-949-0...ry.exe

windows7-x64

4688-949-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4688-949-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    ebb2bcde8b477de34ef6e483c808687e

  • SHA1

    da80a47a4c7707ed5a5cbbd32a65571eaf073920

  • SHA256

    c42dd5800b9fe5726881b5467e976f54f9d2ac9204a7a67301fbc08303141546

  • SHA512

    dc27791d5e5163c50a1480c204dc172b9636759ee62684f33c8ee68ba208d8359de3445d92956333d28a918fbf51c3e0241451f7229c3dfb772c19f74a380ee4

  • SSDEEP

    3072:OVoUEQ8wEQnvXmohpF+ojbkTToy5IuR4F+O:lUEQ8wEQnPx7FVbaM4Rs

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.siscop.com.co
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    +5s48Ia2&-(t

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4688-949-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections