General

  • Target

    Debug.rar

  • Size

    1.0MB

  • MD5

    b491bfed10a6f0c911781dff6f84e793

  • SHA1

    a03f67e0ed36e14d0c9127e887d4e3753bb077bb

  • SHA256

    8aa27bfe73d5ddea01c60f097a6ff2776363d7d2d0d7856bc05f4fa5c1b12071

  • SHA512

    c6a5dbebabb20ef0e126b1af1e35daa0886a9ec78278f9316e9603008da65b059ff21a631d7a04f1562cb6336ac8bc147ccedb97e4546906ccccaf01c9b15173

  • SSDEEP

    24576:0NfvJFoFSKP/cHssabqa3M7mK2lfllqXq7L8k81B6zu/hAHr2DXAqpW6dUlG:0tvJm88tlJciK2ZrWq7Lx+6zkhea/c6V

Score
10/10

Malware Config

Signatures

  • AgentTesla payload 1 IoCs
  • AgentTesla family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Debug.rar
    .rar
  • Debug/Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Debug/Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Debug/Newtonsoft.Json.xml
    .xml
  • Debug/forsync.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Debug/forsync.exe.config
  • Debug/forsync.pdb