Overview

overview

10

Static

static

10

736-68-0x0...ry.exe

windows7-x64

736-68-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    736-68-0x0000000000400000-0x0000000000430000-memory.dmp

  • Size

    192KB

  • MD5

    242cb348d6825ce4101bcdf5f6dc9237

  • SHA1

    a72c81a21feaab543698f183f9f8a2450ca23498

  • SHA256

    7a844e0fa68befa2ef201a45ce9308d45f1c1ddfa2a71d5bc58d09042f9e1553

  • SHA512

    a77e5937748c16fcab5c7ecef820e9336d84375bf7e2ef202fbeb2d4aa6766cec8e1a34b201f59dc28ffd59a5365050de4da3ca7074ae7093d64c17f80cfbbf3

  • SSDEEP

    3072:uhrdLW3SNAhaZlq7s2gYg4YBneKOvdA0UWHL6ZqEVs99f9k/:uhrdLW3SNhq7sBn40nudIGLhEO

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6212701050:AAErVFpJnLIOy-vtdkkH8KxPMtjZB1gt9Ak/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 736-68-0x0000000000400000-0x0000000000430000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections