Overview

overview

10

Static

static

10

4892-579-0...ry.exe

windows7-x64

4892-579-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4892-579-0x00000000004C0000-0x0000000001714000-memory.dmp

  • Size

    18.3MB

  • MD5

    67d79659978f85552341f2b7045e4590

  • SHA1

    5cb314ac359a0e403009c2968e9da5d863f9471d

  • SHA256

    0a97fb6270bc37c9effb440f520b150283e3831441213adce9cf00e72f66ad12

  • SHA512

    b76b74fcdedb1e8cbb17ab3b6318d32ea7b38f49cf05b1bb0cd7dd6f40ffec760eebdd9be051b10eb207829398aebfeb04435e60c628339d8359fa3624709908

  • SSDEEP

    3072:dVcHb5MI8gs5fhrdfuqzb7N4bces1bht95WGHsMfGDE:dVcHVMI8gs5fhrd2KdGa1VtHHsUI

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot6994888350:AAFqI19L4KkGo55n9P5XziXuBSULg-rdpEc/

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4892-579-0x00000000004C0000-0x0000000001714000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections