Overview

overview

10

Static

static

10

1796-8-0x0...ry.exe

windows7-x64

1796-8-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1796-8-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    acd86c9654f81b87281f34df50506d81

  • SHA1

    17904b40d6b522a3550b49ea46564fe69e0d8fd9

  • SHA256

    e8647547211de8549048ea68bd2d669c120f7ac46ecb110908bf473fa562419f

  • SHA512

    2cfa78953555dc0f0cbd954cd20edeab07761ebb47d1e446e86fb0f5416f6c2c1242182506839c09db372552620748656fda6791489753b3dce5f254ea6d8f06

  • SSDEEP

    6144:hkuQr1oQIgY8BadB6CmySR2QEO+2yYaA:EoQIgYaKBRC2QEO+

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot7134623757:AAG14l2IijdHtUMTQB8PlsH-2xdwM6WlmzQ/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1796-8-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections