Overview

overview

10

Static

static

10

2812-8-0x0...ry.exe

windows7-x64

2812-8-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2812-8-0x0000000000400000-0x0000000000444000-memory.dmp

  • Size

    272KB

  • MD5

    83d4dd36e9fb8e0f55fb4c305872095e

  • SHA1

    5bd5767050725d9ea66018b9e23a5657a67fa76a

  • SHA256

    39e7262bac71f30f9921e5c5a75b9940b9fe2ca3db83e395c3a68923eca3b8b9

  • SHA512

    7bd54f1ee5461127e68af728c083c7eab1d59b9067add1e00b516c3bf0ba836c4c66515b0ebc5de31533e04f6cff425a9df1f3df7b1416fc8db18c7d467f36fd

  • SSDEEP

    3072:tj0wnrfrXST0RnXgZec3ArEg9vcNY9FIaTrE52zwfQySpwCFM:tj0wnrfrXST0RIecwD9vcNOCavBIQJq

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6708836842:AAEOj4CFUrj7jFG71fhzDaJLgRXgsIceQ5A/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2812-8-0x0000000000400000-0x0000000000444000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections