Overview

overview

10

Static

static

10

2556-6-0x0...ry.exe

windows7-x64

2556-6-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2556-6-0x0000000000400000-0x0000000000444000-memory.dmp

  • Size

    272KB

  • MD5

    cc7b84d708c2632672475c92ea4f95dd

  • SHA1

    da649bb0eeb5f25d593deab7e0779913af95f73c

  • SHA256

    8d39c7c97c6723c70a5ec2ca50b26fa487e886031302d0037ec732ca35cfb834

  • SHA512

    1016b223d55cea5af4019c2fa6dd537a5ef33e371a7a62825df81460084740227a8f248c6d11f499eaaba7690caa000638ff7a11a3f07af0d2e1aa95a3d25574

  • SSDEEP

    3072:WKxk67BV5VSfHViCORsZcz2vNIutRQ0oYqj89x5lRhOn1t8ScC:77BV5VSfHViCORsZcz0DiNS7hO1O

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6503501882:AAHzwfPKwz5bDsqo7kVyrLyEhohlpm0y3Pk/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2556-6-0x0000000000400000-0x0000000000444000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections