General

  • Target

    GrayWolf.exe

  • Size

    5.4MB

  • MD5

    02a88d03242515576fa54218538e34fa

  • SHA1

    ed6f90fcbf9fabf0da167987e1c2647833df5d6e

  • SHA256

    533afe3493caae3a36d03f7766aeeec4de9f682a76d73b8098f975daacf48c0b

  • SHA512

    b9b0a03500e5ef66569dc42b07c5da6c186660989403bafd9f8511303add0622f8a9f670f73dffa3ddd8fe044b82c4e26a4ad6ae6e1aa0898c72b3ef671e09d5

  • SSDEEP

    49152:jF/5OwXqsw+mw6j4w6SAZplWz3SUcSUWrXxRyJQfSqF6kr3Az0:j/B0rQgCUcSUWOv98J

Score
7/10

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • GrayWolf.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections