ValidateBonzer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ValidateBonzer.exe
Size

47KB
MD5

d8c25565a6cad424e01ffebeceff18a7
SHA1

1e676664bd7113fb729f3b938eb7e2de8b3a76ab
SHA256

472eda09ef08a1ca135a41d9d6797f9d78acfe4000de5ba51b0d7775cf57f6c0
SHA512

eb34d38ab2db1e1e16b7bbf7956cef59657eb6c8ad2c294efa2c32576177a9e1f0351c27c334516eac8cf743004aca20dd7a97513bcbcdce94cc7b67c6b03ea9
SSDEEP

768:rSQ/+gxQ+XCSSDaXdF+lF7P7J5reaCn+9JO2shY8PLUpb6VPvYqBN6cNFfAXoGiK:r//+gxQ+SSY+A37feaCMJDmYsLIb4Pvo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ValidateBonzer.exe

Files

ValidateBonzer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ