General

  • Target

    a8370defd90c3d549ca6aef693897f26d1c84983009034d5e13fddee284fa287.zip

  • Size

    5.3MB

  • MD5

    492074e6d71cbe4c08c5e3d4451e43f6

  • SHA1

    5aec8b6b03e9990d580009f3eefc9995c25e8562

  • SHA256

    9f8f0f6c917038c7df3ba438e2800558e3a936cfb1cceb3bce68b28d80f26fd1

  • SHA512

    f721dad9111f12eb9d15f2fd10ef87643017a9b2c92edd45fbe591ef0f250882067e0f788d99a2eba9e27acb9c719d0607a05a51d62481ec9539b825cd5503cd

  • SSDEEP

    98304:8LwNo7ZPpWYGkNx1WF/7IME4+kGrqhhhpOUWhX9pGGhgnPCNSo4XHFMwjBK5/:8LwNuYDkNx8FzFOkIWhh0UG916nPC94u

Score
7/10

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Detect suspicious telegram bot 1 IoCs

    Detects a suspicious Telegram bot.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a8370defd90c3d549ca6aef693897f26d1c84983009034d5e13fddee284fa287.zip
    .zip

    Password: infected

  • a8370defd90c3d549ca6aef693897f26d1c84983009034d5e13fddee284fa287
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

