General

  • Target

    760-140-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    a186eb819f6958db91303ce75ee98671

  • SHA1

    b7a9bb40d4357c417fa3866382f51dc74505fe8d

  • SHA256

    e5762a5b25e4906344c652612d0d016a0beddb23cc9890b07f801dab99e30e6a

  • SHA512

    3d555c80aa03be5339cae207ccdb7c60bc3579300f7b613eb276d3ae214846094c9b833e7a46ea2dc321f9bf1bdfea1a6fcabaaa26c0cc5893d3d92526ed926f

  • SSDEEP

    3072:FZldnLvts0KDBFm+4duUpoM46OGV49gvcDGr0AdOzKkGAx8dQZ8QGgX3Ro:FZnRs0KD374duUpoM46OGV4W527GAeCX

Score
10/10

Malware Config

Extracted

  • Family

    agenttesla

  • C2

    https://api.telegram.org/bot6065390312:AAHITY0Cpait9qz75kHoNw30slpj1yIIn7Y/

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 760-140-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86 arch:x86
