General

  • Target

    NovaWare_Perm_spoof.ZIP

  • Size

    19.7MB

  • MD5

    00a6da4281a202370a52fef4cf4d7421

  • SHA1

    a75b12ceef4459056dd19cbfd1c206e433473e38

  • SHA256

    ef6d1d2eee80126ce4732424d575f955ec8c3906aeb0fbe8e75e457aa6bfb23e

  • SHA512

    9c17791b5037794f457923f14f878e5bcdd10fc72be0790daf1c2ebafd4f4ad6c9615cef6f3812a75e553c7c0fccac5f5c994d2e5385bb39ff2c0aa8d3ad1512

  • SSDEEP

    393216:f3D+6eYyhkxUbgvy8Euf7APnntluciSHHWB1fDaeWeYH/r2ks1lcaik4I:fT6KR68fent8hhB1fDa7z2nzAI

Score
10/10

Malware Config

Signatures

  • AgentTesla payload (1 IoC)
  • AgentTesla family
  • Themida packer (1 IoC)

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • NovaWare_Perm_spoof.ZIP
    .zip
  • perm/Key.txt
  • perm/Serial Checker/Checker.bat
  • perm/perm/Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • perm/perm/ilikeniggers.exe
    .exe windows:4 windows x86 arch:x86

