General

  • Target

    Zara+Perm_new.zip

  • Size

    1.3MB

  • MD5

    ff31dd46cc80d102852a370f4dc13aba

  • SHA1

    e6644f9d9a87e59dca851fbdaeed3017a9901d95

  • SHA256

    0368ab0f24763144b866c9894899858d8c493d13c3d9cb170edf4582adbf4514

  • SHA512

    7b4fe8da1d901136a6cce97ad438e492bcd74aa9b24f760401df3a75f8e5a8cec395377a1ec7e06acfa32582ae18ebfc7ce0068debff679925d62f8137a4e05f

  • SSDEEP

    24576:VxQRub/VUyYo233SqR57Ckd1J4xi/BQrN+CECdGkx2cka5rVmbHqakNOcEZ8flf8:VGRubKp3SqRVCkHJ4xCOG+h2cH5UHqhe

Score
10/10

Malware Config

Signatures

  • AgentTesla payload (1 IoC)
  • Agenttesla family
  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.

Files

  • Zara+Perm_new.zip
    .zip
  • Bunifu.UI.WinForms.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Lucky.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

