General

  • Target: Guna.UI2.zip
  • Size: 1.5MB
  • MD5: 13c38a4a61bd39abf359c42b5d9d435e
  • SHA1: a0f4787fea328cadd9660ac59833e2fc962f33d4
  • SHA256: bdc3e7b82f588c310abb60269f939febba49294a7ccee3fdcf5302883c5c12d6
  • SHA512: 6964437494d80557b032ab8184475cf250c7e2206d1f9975d2b420c4f11e3168627c9067b832e60a80f37ecac3406b0e5987b0a805aaeb9696172d0676bb9946
  • SSDEEP: 24576:vkPAL8N9Bs8YqGyWSBrsp/TyJrR/APhbXXKPhfLNr32FcKsHuJXW4QKkFqa:vkPAL2ZYMYp0BQ2PhfxrmFcKsP8kga

Score
10/10

Malware Config

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Guna.UI2.zip
    .zip
  • Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Newtonsoft.Json.xml
    .xml
  • RocketTitles.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

  • RocketTitles.exe.config
  • RocketTitles.pdb