Dumps

Dump data obtained through analysis conducted with ethical considerations. All data is shared for educational and research purposes only.

agenttesla-662B0273-decrypted-strings

This malware stores the API name, configuration information, etc. as an encrypted byte string, which is decrypted and expanded into memory when the malware is executed. I extracted this decrypted data from the memory dump.

SHA256: 662B0273E19DD3D9AD7D7579EBA2C398B2A202195A5A8079EE525DCCE3720278

View dump

asyncrat-864e43c2-decrypted-settings

AsyncRAT decrypts configuration values encrypted with the AES algorithm at runtime.

SHA256: 864E43C24CD678E7DCFA931BDB34AB936DF62C7EE19CE01EB39F9AE39E652952

View dump