Overview

overview

10

Static

static

10

2748-16-0x...ry.exe

windows7-x64

2748-16-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2748-16-0x0000000000400000-0x0000000000444000-memory.dmp

  • Size

    272KB

  • MD5

    030d5880cbd31a83d005362291b2f7c6

  • SHA1

    dab6ab90b4087714b83c9bbba0fca54da4bd0542

  • SHA256

    a6d2779e40ddb3cace5a839db84ef0821ec19e868183a9dd1839a6ba752e8a86

  • SHA512

    c313f22de435db6d8823775ecfab9f8b4a9a2a7c78a460dcc5c96dcfdb2173c4819c47c5d43bb4acbb376ffa3688a3d0b4842b5f35275fb93abb3c67bcbccc60

  • SSDEEP

    3072:Yj0wnrfrXST0RnXgZec3ArEg9vcNY9FIaTrE52zwfQySpwCFMR:Yj0wnrfrXST0RIecwD9vcNOCavBIQJq

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6708836842:AAEOj4CFUrj7jFG71fhzDaJLgRXgsIceQ5A/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2748-16-0x0000000000400000-0x0000000000444000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections