General

  • Target

    932-59-0x0000000000390000-0x00000000013F2000-memory.dmp

  • Size

    16.4MB

  • MD5

    00d7b1790135c096dc84885aa4ec641e

  • SHA1

    8c2bec28ea909595f37478285e0c218313f9e055

  • SHA256

    7b497a4d9cb3a275b1246abd1071d9c18e2aa57a69168e41d1207facc9575d78

  • SHA512

    5e74ccc50c5e301288f7993e7b46144c4de6018ddab6c993de6a6192d6cb327431954af87abf480403ebe059817de794af42b81a41da5e5da626c65f1f9cce3e

  • SSDEEP

    3072:yt2nkc8Uktl0cA0qQ0X0KwweF3lgFK3FgHFSemzshJQS50erand7:vkc8UktWcA0Z0X0Kwwa8cClUshaSrod

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.concaribe.com
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    @Ixk.X0Q&I?d

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 932-59-0x0000000000390000-0x00000000013F2000-memory.dmp
    .exe windows:4 windows x86 arch:x86

