Tajni_agent[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Tajni_agent.7z
Size

78KB
MD5

c4703b22052b25680ba1ab941b6354cf
SHA1

e241529b2f8429d7dd237259bd5c9c6b9dbf9a7e
SHA256

7cf28789cbee53dbadae174167a0c6e5ccec0190c3807b918fa84d1e34e32296
SHA512

d5ce51763de846c038f9ddc0e7425272fbfd3e2078affacd719dc6dd2b4357f3fe9b52d6f8afc932ae981a9ab4fba5ce78f8f09498e9ecaf62509a5cc92d120a
SSDEEP

1536:EgrNibIFRYAAwlKB4ZASN1V2mvzVeurPFUgCqrctPNv7TxwDlWFHN1IBPsTwYjxP:EgrNdnBsmASNjvznrFJ4Nv7SDlW1wWxP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Tajni_agent.exe

Files

Tajni_agent.7z
.7z

Password: infected
Tajni_agent.exe
.exe windows:4 windows x64 arch:x64

Password: infected

b4c6fff030479aa3b12625be67bf4914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dfsg
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE