NitroGen[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NitroGen.bin
Size

18.6MB
MD5

d0b21564f673ae721b0801eb7cd41e9c
SHA1

57aa3cbf62ff64b1cf61839a99ee3769fa31ec5b
SHA256

367f201a98f1d9e8b42eb02e2ce3d3adc7366541e2cf5416d2f3e50b25753363
SHA512

2b4b670eec6646f430f2890ffd57b5bdab0b185250868eb86f3415c9025a8715956e3b0a6de9482445b295b0f298f7552e62663d12e0138490b792ca23a11e85
SSDEEP

393216:nvrUXNi5ShR4uwohGaMntuZ/lZ0y8sfBIfNCLxKg5wQ2z7hR99gzaZf2Mf/:nvrUXN8Q2eQa/nbLpIfIxKgaz7j9SaJX

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

resource	yara_rule
sample	pyinstaller

Files

NitroGen.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ