General

  • Target

    notepad.exe

  • Size

    7.7MB

  • MD5

    308076a3c4302e9b4222c8acbf16d4df

  • SHA1

    c5859a06ae6a5f39477ecee29bddd29d85665e92

  • SHA256

    045eeb206a8c81482668ca5179c38f8378d077eedcc26ea50d70fa217e358f86

  • SHA512

    8bd107af9200258267928949766216800e7c716d87ceb3798ad8b0c3eff8e266bc5a1f517306fc2d0891267dceb1592fce4693f8dcc2a7e0a858a15b0981cfa7

  • SSDEEP

    98304:BVh/iB2pC6XG4HNkq5UKPhc24Y1/QPldHVTgPNhV0ADXqQgpkWDRIZVMnu0jjD89:BcUG4raKu24YY7HVT4hV0AD6QgqKRgX

Score
7/10

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • notepad.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections