Overview

overview

10

Static

static

10

2608-12-0x...ry.exe

windows7-x64

2608-12-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2608-12-0x0000000000400000-0x0000000000440000-memory.dmp

  • Size

    256KB

  • MD5

    4bc21b82fbf7728fe16776d940492d91

  • SHA1

    1b6cca5ffe824a0424f47305bd9ca406295196a5

  • SHA256

    1966601e9dbee47e2b9e0b13e82560f5a04626277bf91bae06d4284cd8d8d3f4

  • SHA512

    f171aa7de6559564aa11d1b3e18f40c14b14a5880db1eb2676ce0c5a31b23da67cb9e68aaeb1a8c4244cc8a953972db5c929fdd8d094d6966e7b0da24b6989fe

  • SSDEEP

    3072:sBULJiheuueOmJQKrnL1X0mmKXNWK05G/ISl7Fi9:sBULJiheuueOmJQKrjJiS1w

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6840869330:AAEZ4yOJb6l9YkHVol7BaSnML2_yNUN78Xg/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2608-12-0x0000000000400000-0x0000000000440000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections