General
-
Target
2996-13-0x0000000000400000-0x0000000000442000-memory.dmp
-
Size
264KB
-
MD5
efccaa5534dfd2c13f898787b117d061
-
SHA1
83ee656194b4e32abb76d30e2987ac931834898d
-
SHA256
48a63d5b1e3d81f298b584c9fee82e961a55e417955efa98f6749611e4d1a48f
-
SHA512
431e58f0fc43f402ff71c9d9a735beb348c4a291e943e3d8ac60ec8f609d893d4d5e91ecfb1f0425f4ca422c306f7e273eb8ff1401b46a7f957a0e33514090e2
-
SSDEEP
6144:ESl7aFuSGCuwNsBX9JoB4N2dyXZOcPFdr:8FuSGCuwNsX9JOyZO
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6834342758:AAHnpbyPCzi-sEo22oVL6DdX9cuTElu_WyA/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2996-13-0x0000000000400000-0x0000000000442000-memory.dmp
Headers
Sections