Overview

overview

10

Static

static

10

1376-1455-...ry.exe

windows7-x64

1376-1455-...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1376-1455-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    b55ba052292960aa6e2d0c84d0f137ed

  • SHA1

    b325c71a5eb625bb03e129067ae5faea3e499240

  • SHA256

    a7dc25bf16cc0da821587b9445f87dd98caac20920ab011c1812aba9cd0fd8e4

  • SHA512

    a24e1f27ba92e251d025c1ba73445b7dd3bd0be083ecff1242ad15370cf7225f3af5de937b7b0d48de3e4b8b07e1e8948569e32bbfe51fd055c5ad2bc64135d1

  • SSDEEP

    3072:sWF6g1fpgaOqZLgLJu2Io/O++jt8SvNOSFLxgUsQmseudl+:sWF6g1fpgCgJuDohSvQvsz

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot2100759405:AAFzA0s7LpNOhvzQJo2bUlDpzSqnB8ir69o/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1376-1455-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections