General

  • Target

    Arsenic.zip

  • Size

    12.6MB

  • MD5

    aa2bda3d8bdb37fc8d21f539b02dfc3c

  • SHA1

    666fd4629fe882e7ff84a51c716d33d67a40be41

  • SHA256

    849d0e455547806c15afdfcb786a75e449191e15026ed2256609855057a304d6

  • SHA512

    06e6100db4565318b1c9532ada715f6ba1f59ad04f2dd2beb97709c269e30d29d48f4453b17f7c0f1746f63947860a6cd184f655f418afb2ce6f7b2711336ee1

  • SSDEEP

    196608:HKzwyCGyOlHuQYoYpB/jrJAIIAXowyE2dOYIesY+3CVU1fwADwk0YUj8Da9l:q8y9yOFYoYpp6akIYnsYIZyUY78Da9l

Score
7/10

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • Arsenic.zip
    .zip
  • Arsenic/Arsenic.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Arsenic/extatent.dll
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa

