General

  • Target

    g.zip

  • Size

    4.9MB

  • MD5

    da1ba16280582079ea62bb5eda7c4d30

  • SHA1

    59bd803c98eb75f427155c04ce2b1126efaa1fa5

  • SHA256

    205b02e34109d65cea7134d31bf1eda399f2ca966749ce6f966d3c4a168361f8

  • SHA512

    bfde114fa2c4814a760f5f52e0169865f43d5cd12caedb58e6d16f95529c0abb7c73b208653c8c56afb311b851d5521f727c38d68c9913afcaf2b716b527cb6b

  • SSDEEP

    98304:rzrDdgrZA9J8tEOTHI5o4l9+OJUVEp0DkKOFqDV0b8rutTF1jbLLkT:VuZiJ8+O8m0+1EokLFD8rutTFBkT

Score
10/10

Malware Config

Signatures

  • AgentTesla payload (1 IoC)
  • Agenttesla family
  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • g.zip
    .zip
  • Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Memory.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • reach.exe
    .exe windows:4 windows x64 arch:x64

