General
-
Target
110852b8629477f0483bdcd381aae7a7
-
Size
7.1MB
-
MD5
110852b8629477f0483bdcd381aae7a7
-
SHA1
3242ea437ab5a6c08d5ceb3343c78bf457d49d01
-
SHA256
ac86c98a4e8eb00a2e85079613c12a32d664bd4d9f7c07b05541874fddf0e005
-
SHA512
f5833154a846e4b3f671bd103c04652b2213a13724e1a1619159275854b7b6373fd3b990f5dd2210d4bb344452bcf6f2fbb6d41adf591fe6f0ea3e0b6634f288
-
SSDEEP
98304:9B2pC6XG4HNkq5UKPhc24Y1/QPldHVTgPNhV0ADXqQgpkWDRIZVMnu0jjD8ueJU:OcUG4raKu24YY7HVT4hV0AD6QgqKRgX
Score
10/10
Malware Config
Signatures
-
Detects executables packed with Agile.NET / CliSecure 1 IoCs
-
Vanilla Rat payload 1 IoCs
-
Vanillarat family
-
Obfuscated with Agile.Net obfuscator 1 IoCs
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
110852b8629477f0483bdcd381aae7a7
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections