BloatyNosyApp[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BloatyNosyApp.zip
Size

65KB
MD5

33205708532d01baf2d029a54d060f25
SHA1

9216167bcdac212bcda620aaf0c1366e48186342
SHA256

b8a178dd0b8397892bdabf78410962c7ae368330bfda1edb25443c8046777bbb
SHA512

163b31e8d73a9ee64280878f7b7f391e9421dae2da79e3e49665fc70e45ca55b5da94d7517aeb09a52545c9f360a89075cb594992b96fcc68d634253d2408457
SSDEEP

1536:1MtW5suvO+V3ubScCC0K+iISc2wK2V1nVbwj:1M45sqO4u2C0K+o8ZJbwj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BloatyNosy.exe

Files

BloatyNosyApp.zip
.zip
BloatyNosy.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
app/Gaming_Profile.bloos
app/Just-Debloat.bloos
app/OOBE_Profile.bloos
app/bloaty.txt