Overview

overview

10

Static

static

10

2664-39-0x...ry.exe

windows7-x64

2664-39-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2664-39-0x00000000007F0000-0x0000000001852000-memory.dmp

  • Size

    16.4MB

  • MD5

    21e77c47fcf1bb31cc7a9fa7ae42fe70

  • SHA1

    3b4cecc4f0757228bca442998cf4d36b123f1a25

  • SHA256

    b5a21bf1d3d63d7b76d46c3193c863d9e9fa4a23617168c73119d49ab3f474cc

  • SHA512

    356bbe901f19740f2ad2e4266d3d5c3b0edcd514318cea51730b39af40c4a3f86da7a5990691c3a448e5c2fa47d45ccd6ec2b31f7a6330a7441451b2dfebc6e7

  • SSDEEP

    3072:H8Cf0SPt/0nb/bHoyZYJi90ABQ3ItBL5VN95AUYSIJIHre:cCf0SPtcnb/bHoyCJgqItl5VNVYSI6

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.atisceramiche.it
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    boygirl123456

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2664-39-0x00000000007F0000-0x0000000001852000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections