General

  • Target

    734f82f296a4baccf3574ba404dad505

  • Size

    698KB

  • MD5

    734f82f296a4baccf3574ba404dad505

  • SHA1

    7b70d00d83413d14a85ba3a9092df766f8bd61b2

  • SHA256

    404b8e565a9cb087bfc6110181fdc742a7c1f275cffa73b9e30f900f44ac71ae

  • SHA512

    726024f4ea588357d42880c97609153d1ea9efa99544312959f0fbae3ed65116e81501dc5b4cd4cc8cbafa757ce9d1fff63b52f1bdc0e7db77ea2b0d9a30de78

  • SSDEEP

    12288:q3o/6ZA78c38lk1N0GQjckE9tZ3AjqQ/9eLF4nksbdn:q4t7ldN0GQjCOOQ/EF4kkdn

Score
10/10

Malware Config

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 734f82f296a4baccf3574ba404dad505
    .7z
  • New Purchase Order request/Purchase Order.zipx
    .zip
  • New Quote for June/NEW PURCHASE ORDER 2 SHOKA TECHNOLOGY FZ-LLC QT2624-2020.gz
    .gz
  • NEW PURCHASE ORDER 2 SHOKA TECHNOLOGY FZ-LLC QT2624-2020.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • New Quote for June/Purchase Order
    .png
  • SHOKA TECHNOLOGY FZ-LLC QT2624-2020.pdf
    .pdf
    • http://dielleautomazioni.com

    • http://plc-city.com