Overview

overview

10

Static

static

10

VenomCrypt...ib.dll

windows7-x64

1

VenomCrypt...ib.dll

windows10-2004-x64

1

VenomCrypt...or.exe

windows7-x64

10

VenomCrypt...or.exe

windows10-2004-x64

10

VenomCrypt...er.exe

windows7-x64

1

VenomCrypt...er.exe

windows10-2004-x64

1

VenomCrypt...I2.dll

windows7-x64

1

VenomCrypt...I2.dll

windows10-2004-x64

1

VenomCrypt...or.dll

windows7-x64

1

VenomCrypt...or.dll

windows10-2004-x64

1

VenomCrypt...er.exe

windows7-x64

10

VenomCrypt...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VenomCrypter.zip

  • Size

    13.1MB

  • MD5

    6339a9df99f4fea3c2ab1afc78e879d9

  • SHA1

    4ee6cc1d50730b5d48a878e4572b9958352a0755

  • SHA256

    53c401f24e24cbe77b405737d35a12daed24ab8840abcfec197b9e8b5c7ff312

  • SHA512

    404a6312bb344529f600193f31f2741e67ccdfb7d6d12627bd52664b89a664aee00527e20f620276ccf6082c749f3176d5bac7351fbb4e643f76127800b271bc

  • SSDEEP

    393216:qxd4xvvYsd08zltBx0GLTN2R9hopFtUh1a:gKrzlXx13NK9+eXa

Score
10/10
zgratagenttesla

Malware Config

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
    agenttesla
  • Detect ZGRat V1 1 IoCs
  • Zgrat family
    zgrat
  • .NET Reactor proctector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • VenomCrypter.zip
    .zip
  • VenomCrypter/Core/dnlib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • VenomCrypter/Core/dotnetreactor.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • VenomCrypter/Core/venom_crypter.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • VenomCrypter/Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • VenomCrypter/SimpleObfuscator.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • VenomCrypter/VenomCrypter.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections