General

  • Target

    2628-13-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    a90c9188d98d99a7c1b813f11b14dd7c

  • SHA1

    4d8d5eba869957b963f4e9fb27895d9d8e4fd51a

  • SHA256

    ae1bf7dc463d99b86d9539cd4cbb39f9e1775c9b74c534e58843f5844c015b0d

  • SHA512

    20243a7973bdca6019cbfa7221646d8ae31f8318b607b2080fe1a4f4ea31b5eef943fbaa1303ab1ab865486964c6fffd3670a8e2001e0292e95943ef63e14699

  • SSDEEP

    3072:oMYwTrZ9xtpIQv0eTkcRbaV7PkIop0PKNas3lz85FkXR2SWH:TYwnZ9xtpIQv0wkcRbCop0kR9R5W

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.aksumer.com
  • Port:
    21
  • Username:
    aksumerc
  • Password:
    211116.kS*-

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2628-13-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86

