General

  • Target

    1960-17-0x0000000000400000-0x0000000000444000-memory.dmp

  • Size

    272KB

  • MD5

    5754c43874fc6123e45842dc015435d3

  • SHA1

    759f6a81137707f440b5e63e8056c484e2a7954d

  • SHA256

    a907fc948b27587f3eccbb5a1648bab4ff0772c5f0bfce5a230e4e4646d93fc8

  • SHA512

    0c216bb5858726e58adb6c4c15e9e8f7eb9b51fb84979749c56cee638cfc8c38f1bb28319fa3af55f87fe247da40c8b311af957941b5a09623211a5de611b3c1

  • SSDEEP

    3072:ppKnlJc2T7sEI8I0TwExYYf+qSVnae2JhxXqR5HlJ4nzUoqnYUELeRZ/75HO8zdg:ppKnCEI8I0EEa4zSzMnQjaez/s8zQ

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6941402653:AAGD6Af00jBZM3CSU3pjKxYbW7aazMmc_10/

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1960-17-0x0000000000400000-0x0000000000444000-memory.dmp
    .exe windows:4 windows x86 arch:x86

