General

  • Target

    oribin.exe

  • Size

    168KB

  • MD5

    950e84059c7d166b4965ec8ef3d6796e

  • SHA1

    88c8a2c535dcb38af289124554bf39bc92e72cc8

  • SHA256

    99f35fb09609bd222591c63e7e3bc9c24ba114cfabb9f6553359cccbe4f92733

  • SHA512

    26ce402e7507e37904f4e9b76855b7d6f2a270f8b37f4d442767785f229e61aba5c989c7093495f8a0dca9f44bb5349af523549bbab35b9cc21b16eb67cb1a63

  • SSDEEP

    3072:+qiUQWzokNuZwFx6Pxbk1qPNjmE3N0pq5Gjnedc5kQDBU9:+TU8kNCxwqJmKizedWnDBc

Score
10/10

Malware Config

Extracted

Family

agenttesla

C2

https://discord.com/api/webhooks/1100586163150000171/mA9T_8YpfewxqLzLWKCBe2eCl3eeZNUjmgdXTsa1cDvSvwe_IHUnJ-0-B6pdb-zLOskB

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • oribin.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

