Overview

overview

10

Static

static

10

2820-10-0x...ry.exe

windows7-x64

2820-10-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2820-10-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    f45d51b2c4cca65b60619fad9d4c62da

  • SHA1

    d281c5341e627afb05bf996ae76d118cc20746aa

  • SHA256

    a3b791ae9aaea9a506eafac3503ae77a7e042c27a746000239d2918b70ff7070

  • SHA512

    950400b0ea82ae09d0f62a6f786cc2e9eeb75c8661b0b1d9d6cbd43eee92f49f4665d67eadb90a40584c5a16296194dd06bd6302cdff4425c6ac968eb3cb9989

  • SSDEEP

    3072:8zPnP9JAcN62axIoiluaYqmzi0o9R/yPf5Gai1wpB2V:8TP9JAcN62axv27UP8wpc

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6334555107:AAHjkXdGw4FaaaH1kHZyxe86XPdggmZYH1Y/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2820-10-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections