General
-
Target
2968-10-0x0000000000400000-0x0000000000444000-memory.dmp
-
Size
272KB
-
MD5
d36f8ccafdd63da3383b4f50301fdd8b
-
SHA1
95d1bfa25b22ea33c1b4e09bbb106e7dd7e7d0ba
-
SHA256
b86825662719eba263f3c036a0bd351aa671cdcdfc3add061cf1d8f85ab4308c
-
SHA512
d91bfd7096590ce4df82219dafa0327ade44b7a394bde19ff267ae625572f05e86341bfcdeb5b740447f4b2a3404ef6be97c084388571f46ffe01910857d63f0
-
SSDEEP
3072:1pY7SUYEwkkNZD2jYeVGmg5MGh7Fi5kdYO0YLh3+5yFPYpbZY:1pY7SUYEwkkNUjYeGmg50FOh13bPYp
Score
10/10
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot7007179527:AAFy4MpIHiFjTsTvtnkkp0mt3OrHgfrR_yo/
Signatures
-
Agenttesla family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2968-10-0x0000000000400000-0x0000000000444000-memory.dmp
Headers
Sections