Overview

overview

10

Static

static

10

2052-94-0x...ry.exe

windows7-x64

2052-94-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2052-94-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    e4b113f17f748751a03462f2fac1b417

  • SHA1

    3d78a5c999ee84b6dae69cb8e60bf4c5b9393719

  • SHA256

    0a86414d87450033828a43c81825be8aca9c89a8f55b01832b95d3a4264f253c

  • SHA512

    987a255404d722cec04b3074796dc61a52524c59b432b18da70f9ea65c3d36c7cc2ea2c54fce1324aece28268067e84431c4dcb82d130148d887374c418473e3

  • SSDEEP

    3072:lfb3DXr2lZOXQwk0e1aXf0UtJhqHoe/H5I0hO5cjZeWprzY2:1b3DXr236zLJkoe/7hO5cjo

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://discord.com/api/webhooks/1206393671298060309/FVITE1Nls_cASML7RoPv9wXcyXBuUk2YTXZCQhiJMOm7SGNvjRM6I2CWP6vhg5ft-g5H

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2052-94-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections