Overview

overview

10

Static

static

10

2964-18-0x...ry.exe

windows7-x64

2964-18-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2964-18-0x0000000000400000-0x0000000000440000-memory.dmp

  • Size

    256KB

  • MD5

    cf292a2385ffb5f3f5ce4c2740998908

  • SHA1

    c97a2634278b0b10e889b8309ac9a253813d8346

  • SHA256

    9247b10a345a48c000e966c7a61b0ddb5ed05141749f0a91eef09e0e0b1dd43e

  • SHA512

    6aa49f4c3205d6702786a8029b3aca416d7f6b85030c17d913cb02ea15ddcbbe6289b60a020038f9d637395c858399e18047a9d21035c286b0bdd62a233dc36c

  • SSDEEP

    3072:KtULSUvIAOe1gsAuqubytgVbM18t5NCbe8RQiEB9b:KtULSUvIAOe1gsAbue8l0e8y

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6479234125:AAGR9wD3O4QFw8tDpYUc9GT0Rx3fOS9zKv0/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2964-18-0x0000000000400000-0x0000000000440000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections