General

  • Target

    1512-11-0x00000000000D0000-0x0000000000112000-memory.dmp

  • Size

    264KB

  • MD5

    3a25cbd88d06a30e8e8061e03bd4535b

  • SHA1

    31fa996ecc821c3295223fc134e63aa0a255ece2

  • SHA256

    4346ff68bc224251d6faf3e119c54fcd6813c58b7b2f3a843181a47456fbcbf0

  • SHA512

    c92c614e8142d6d43a17d63d8dbffdb9d10463e69de09f90f5162f62af9585d1dc2e2cfb72a33051ed3f50e9e162a25e23c19aa5d6f9bb04ae921c092a299448

  • SSDEEP

    3072:ToHXPfnIPGO10mhPJAWLSwxhmUD+cHkFe05pChDiA7:EHXPfnIPhPGSS6hma+C/fh+

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.midhcodistribuciones.com
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    ,A7}+JV4KExQ

Signatures

  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1512-11-0x00000000000D0000-0x0000000000112000-memory.dmp
    .exe windows:4 windows x86 arch:x86

