Overview

overview

10

Static

static

10

3900-50-0x...ry.exe

windows7-x64

3900-50-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3900-50-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    53e274aa054545ff5bba5c75a1f419b5

  • SHA1

    53e2569369b87d7f6626df7c5f399c9fd69d0bcd

  • SHA256

    23b7c122cedb0a8c39a485e5a650e71811b19c6cced596b7fee2111a56437950

  • SHA512

    74464cc00164e5f6e144a284203a61b2658c02b7ca15ed7e745e0d240f28e6b922638779323dfea297f7a0b300dfc88ce69ea9e9e5db7426298a8943dc873d8e

  • SSDEEP

    3072:5Agco8gJerWWO0LMHk32UMGm2WrgV55zMqxhxQ:5Agco8gJerVVLM+s2IgtMqf

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6848173762:AAGkzL4gp0AnmZ6UfiPCUuUFvn7Vkjdjn1M/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3900-50-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections