General
-
Target
tewst.rar
-
Size
3.5MB
-
Sample
250114-tqaqjasncs
-
MD5
309b5b7dbc12f28c04eee3f23cb9480e
-
SHA1
a5c0cf0ee273eb6352f6b338e200459709cab531
-
SHA256
7af4fa367855b4eef4c233c59c6fd68a9ec82596958e14b707fc677e7ce42f45
-
SHA512
0be7b0995dd23624cea13eceb18b961bc6ae530d4f65220f94af8e08018b45404085d1e1bff4bf64d51b2304d34ffe4aa93d0496e4b47815f21895bbaf8deffb
-
SSDEEP
98304:wEq5BjAivbsRvgKKsY6x+Ce/Ez2FGBcjPRR:wlgyKKsNV2FGBMPL
Malware Config
Targets
-
Target
tewst.rar
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-