General

  • Target

    Setup.zip

  • Size

    268.5MB

  • MD5

    b310fd53e3294982c72e77dafdf35dba

  • SHA1

    387d5774879a41e9072766b7082b61f71a38ef61

  • SHA256

    0e63d8cae3631da5ad429878760a03a81573c3a7e26c089988801894bc74d663

  • SHA512

    9807e78a653caabc801b4b500124dafdad915f044e91cd0d2e218974a3254d548574d7a26fac534585c577bf9caeec7a7012487dae35df8bc0a009265a407e2a

  • SSDEEP

    6291456:WAlDuLlWbGcmJvYvELQaAMkpGKL9eex9XSB5nSE7/:3OWS1LQaAMM5Sz

Score
10/10

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
  • Unsigned PE 12 IoCs

    Checks for missing Authenticode signature.

Files

  • Setup.zip
    .zip
  • Setup/CurrDir/BouncyCastle.Cryptography.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/BouncyCastle.Cryptography.xml
    .xml
  • Setup/CurrDir/Emma.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

  • Setup/CurrDir/EmmasFileShop.application
  • Setup/CurrDir/EmmasFileShop.exe.config
  • Setup/CurrDir/EmmasFileShop.exe.manifest
  • Setup/CurrDir/EmmasFileShop.pdb
  • Setup/CurrDir/EntityFramework.SqlServer.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/EntityFramework.SqlServer.xml
    .xml
  • Setup/CurrDir/EntityFramework.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/EntityFramework.xml
    .xml
  • Setup/CurrDir/Google.Protobuf.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/Google.Protobuf.pdb
  • Setup/CurrDir/Google.Protobuf.xml
    .xml
  • Setup/CurrDir/Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/HidSharp.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/HidSharp.pdb
  • Setup/CurrDir/HidSharp.xml
    .xml
  • Setup/CurrDir/K4os.Compression.LZ4.Streams.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/K4os.Compression.LZ4.Streams.xml
    .xml
  • Setup/CurrDir/K4os.Compression.LZ4.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/K4os.Compression.LZ4.xml
    .xml
  • Setup/CurrDir/K4os.Hash.xxHash.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/K4os.Hash.xxHash.xml
    .xml
  • Setup/CurrDir/LibreHardwareMonitorLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/LibreHardwareMonitorLib.xml
    .xml
  • Setup/CurrDir/MaterialDesignColors.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/MaterialDesignColors.pdb
  • Setup/CurrDir/MaterialDesignThemes.Wpf.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/MaterialDesignThemes.Wpf.pdb
  • Setup/CurrDir/MaterialDesignThemes.Wpf.xml
    .xml
  • Setup/CurrDir/Microsoft.Bcl.AsyncInterfaces.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/Microsoft.Bcl.AsyncInterfaces.xml
    .xml
  • Setup/CurrDir/Microsoft.Web.WebView2.Core.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/Microsoft.Web.WebView2.Core.xml
    .js .xml polyglot
  • Setup/CurrDir/Microsoft.Web.WebView2.WinForms.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/Microsoft.Web.WebView2.WinForms.xml
    .xml
  • Setup/CurrDir/Microsoft.Web.WebView2.Wpf.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/Microsoft.Web.WebView2.Wpf.xml
    .xml
  • Setup/CurrDir/Microsoft.Xaml.Behaviors.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/Microsoft.Xaml.Behaviors.pdb
  • Setup/CurrDir/Microsoft.Xaml.Behaviors.xml
    .xml
  • Setup/CurrDir/MySql.Data.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/MySql.Data.xml
    .xml
  • Setup/CurrDir/OpenHardwareMonitorLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Buffers.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Buffers.xml
  • Setup/CurrDir/System.CodeDom.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.CodeDom.xml
  • Setup/CurrDir/System.Configuration.ConfigurationManager.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Configuration.ConfigurationManager.xml
  • Setup/CurrDir/System.Data.SQLite.EF6.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Data.SQLite.Linq.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Data.SQLite.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Data.SQLite.xml
    .js .xml polyglot
  • Setup/CurrDir/System.Diagnostics.DiagnosticSource.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Diagnostics.DiagnosticSource.xml
  • Setup/CurrDir/System.IO.Pipelines.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.IO.Pipelines.xml
  • Setup/CurrDir/System.Memory.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Memory.xml
  • Setup/CurrDir/System.Numerics.Vectors.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Numerics.Vectors.xml
  • Setup/CurrDir/System.Runtime.CompilerServices.Unsafe.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Runtime.CompilerServices.Unsafe.xml
  • Setup/CurrDir/System.Threading.Tasks.Extensions.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/System.Threading.Tasks.Extensions.xml
  • Setup/CurrDir/ZstdSharp.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

  • Setup/CurrDir/app.publish/EmmasFileShop.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

  • Setup/CurrDir/runtimes/win-arm64/native/WebView2Loader.dll
  • Setup/CurrDir/runtimes/win-x64/native/WebView2Loader.dll
    .dll windows:10 windows x64 arch:x64

    f6946d311bccc86e2042a388e375de41

  • Setup/CurrDir/runtimes/win-x86/native/WebView2Loader.dll
    .dll windows:10 windows x86 arch:x86

    72229ff546c74d09d9030ca49ce61b31

  • Setup/CurrDir/x64/SQLite.Interop.dll
    .dll windows:6 windows x64 arch:x64

    d99c34fbf4a27bd49bd158efcb5d8cc5

  • Setup/CurrDir/x86/SQLite.Interop.dll
    .dll windows:6 windows x86 arch:x86

    c7ed3cced4a9a7e77612b9900591b547

  • Setup/INSTALLMEEEE.exe
    .exe windows:6 windows x86 arch:x86

    e277f1464e7729ad9df5ec047611738a

  • Setup/INSTALLMEEEE2.exe
    .exe windows:5 windows x86 arch:x86

    9b2f6a441f9ff8df98ae6e9e6b5d4271

  • Setup/RunMeAfterTheInstalls.exe
    .exe .ps1 windows:4 windows x86 arch:x86 polyglot

    f34d5f2d4577ed6d9ceec516c1f5a744

  • Setup/Setup/Lockdown.exe
    .exe windows:6 windows x64 arch:x64

    7d82737f015fa3a1a4cef33dc096d571

  • Setup/Setup/Lockdown.pdb