Overview

overview

10

Static

static

10

1096-1393-...ry.exe

windows7-x64

1096-1393-...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1096-1393-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    0ace51ca2cf2dbf020f091eba6f7cec4

  • SHA1

    d4ccf451ea95fe0928503a633ccdc601141d4e59

  • SHA256

    0cc8189b878703c8e7a4ce4ccf34528b4adfc36ee82ce7e9d990ba4e9201bbf8

  • SHA512

    e3b7973615826c9a1129c9a0555c9e2328736b2b653a8fb34f535e0ceede6922008f77323e7817786feef5433ab5fe0b6dd7ba4ee7e7d5250fdc51342c423cc4

  • SSDEEP

    3072:p6SkxjByIyeJxkT1qhEk5E/DUdeg2dq1pBjWFNfjvdCbwZBbZ:ATx0AFx2A1pEKs79

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6358868177:AAFZEsJPYJqg6UJIAFKMY_hs0QX1cwHasBM/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1096-1393-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections