General
-
Target
1960-10-0x0000000000400000-0x0000000000440000-memory.dmp
-
Size
256KB
-
MD5
8ada2ce362e75c384c1bc84d61164d3c
-
SHA1
535e89c9214cf87f995b7f89d51f916cf015caf7
-
SHA256
2044e1681cdc4a2746a3f61ba0add393fb14243fa6463c764d2bd044147b6099
-
SHA512
52cc32e1e70e6e3b0b092a22226c525ba29e6aa2a6e4502a94c55c9ed7699a72a1ffd855887a899086099b7284212b93ededb32f0ed86134b7829b68dcfed210
-
SSDEEP
3072:NXICcdfXHv/bZ72tb/aKz/Pg5hlt5lUDM:NXICcdfXHv/bZ72I8POt5e
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot7033725008:AAG3SScxEtYlanQbXYSgLBKSlzryVk6c0I0/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1960-10-0x0000000000400000-0x0000000000440000-memory.dmp
Headers
Sections