Overview

overview

10

Static

static

10

2788-10-0x...ry.exe

windows7-x64

2788-10-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2788-10-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    d11b6a61bf3152f0cd966bb766c2f367

  • SHA1

    720108c1ec6d40a0be46a8daf116e56a914857e7

  • SHA256

    4e693584bf08aaa26a90b0c46656ee654fd2c6508b69d13dd5a13029696ff7a6

  • SHA512

    bbf7b56e076268508ba574a6e9c6d01a83c75357dab8312945f27e5d124aefb51170c36cd701496e1d431a7780186b5cdfa4e8f032fe171568be486f7cccf0f4

  • SSDEEP

    3072:bbVznatuymCup9e+k7QrlLgCsHgZesm156gxVYg:VzatuymCuje+k7QrBgCogAsmjx+g

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.rusticpensiune.ro
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    99AM}+NZ&CCq!4Vq)9!(zXx01.lQ!~nS.fBnY,4Z~fjHnGo*B3Gd;B{Q1!%-Xw--%vn^0%nt

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2788-10-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections