Overview

overview

10

Static

static

10

2704-13-0x...ry.exe

windows7-x64

2704-13-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2704-13-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    122e897594cd1a7cc26f5d3d0b469a8c

  • SHA1

    393215c7517bb9821f41dd87a1f28973555b98ae

  • SHA256

    a082a8910ce6900154e96bef5cd5e2aec6145612cb895c078eaf7969be6250fd

  • SHA512

    25821c9234a3ae7ec38ce2df455d48973141aa071e4d3417c38b96d82ffbeb6f06235a742e5a75341830a9d2072554e83e8508b51cc3da017a1eec09930f988a

  • SSDEEP

    3072:KfHfvPfvjuIDpi8c0868ZnGMUxm1HsS3P5jVOzhBM0lcU:ifvPfvSIDpi8c08TGisS3nOzM

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.carbognin.it
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    59Cif8wZUH#X

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2704-13-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections