General
-
Target
2768-30-0x0000000002A40000-0x0000000002A80000-memory.dmp
-
Size
256KB
-
MD5
a863cc9803ec0fc64d40ce51a3b210bf
-
SHA1
3bfe28d02cd10c9fa4288f861e4eb11e84a212a4
-
SHA256
cdedcaa65c2f59a625190875d1d9f8bb20d816e99b1a845de705a08e421d0227
-
SHA512
96ac44e02bf4da9983a812a40e4774c691898007ab0ab4ebf1ac96d7fe44216bbcd942b985faff7783edc4710234e359f50b30a78a338266dc6decdc002e65b3
-
SSDEEP
3072:btaOXl7uruCuSWCoU/kZkB1QL5ngVa++nL/hO0cZ5+jQnO4NZGS:haOXl7uiCuSWCf/kZkBiL5nr8DHnOeI
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6812591142:AAE27OhIqnEdQvb0JAkU1LoMyHJIcytlVCE/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2768-30-0x0000000002A40000-0x0000000002A80000-memory.dmp
Headers
Sections