General

  • Target

    253dac045440d4f57c049b87c90f3665c7bb26f8822e71d2b512f4b7f31fc3c0

  • Size

    3.6MB

  • MD5

    77526e613ea288bb1d71984839242425

  • SHA1

    358c9deda98ef5c705447d6272711a7f23860a59

  • SHA256

    253dac045440d4f57c049b87c90f3665c7bb26f8822e71d2b512f4b7f31fc3c0

  • SHA512

    909566f561c332c982df8fbb7fc2f1734eeac7741685948bc67ca9a8ba2e1c93419ceae15775fff6e45e0af24c98e507d5e8b54578a22bc7961f25c1ed7d00e7

  • SSDEEP

    98304:bVMx9l4O6n0g0tvKmzqdpUV901+ShY5Bk1NtVlB:Cp4O6nKzk5hkWvt7B

Score
7/10

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator (1 IoC)

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 253dac045440d4f57c049b87c90f3665c7bb26f8822e71d2b512f4b7f31fc3c0
    .zip

    Password: infected

  • WhatsApp-cleaned.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

