General
-
Target
980-70-0x0000000000400000-0x0000000000430000-memory.dmp
-
Size
192KB
-
MD5
f9b4b25d0d544ebbb510b67ea63ad793
-
SHA1
7ad20b99828bee5d6cbc885aae8e21753c0a9f0d
-
SHA256
d2a992eb1e439973a842cd93e1db6fe8f54c15631c5b365f0a7e61c2b64ac061
-
SHA512
b74c7fa361f20399a0a66b3d678f7c2f4d374a000a5a097e6dea64d522cd2d139b6bd95396c4c71a07787099956cccecf639c154da4e3ccc47ef5634af95a0dc
-
SSDEEP
3072:Dq/zIdDUzFMhyNcyKqKzn5TgDXa7TiL+McM+pMuHfI:DDDUz0HyKqGzJprHg
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6198912739:AAFWwPOzcAOeh_bttxtGKKR_RIR4wgbcmQU/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
980-70-0x0000000000400000-0x0000000000430000-memory.dmp
Headers
Sections