marsstealer | bd4f4c87a3ac6bf8e8d4b51c2e02e09e[.]bin | Triage

Sharing

General

Target

bd4f4c87a3ac6bf8e8d4b51c2e02e09e.bin
Size

244KB
MD5

bd4f4c87a3ac6bf8e8d4b51c2e02e09e
SHA1

9009f36560c4fd6aefaa6996e510cd19c1f7e5ed
SHA256

b7ccb7951d2cca3278aad5e3088ef7a08c095e9715b7d9abbcca283997ca0bff
SHA512

cdf9ad9fb0e4c168c6b5eb096a54ac9e8cf200a8a2dba06889e7c6460ba2bd94558bd438e1631e525eacdbe36c548d0709d97cbaaffc039840f8f9ea550401dc
SSDEEP

3072:Um/E8k9ZjpIn+zNch12KbAwSaSKJSp8Ub8EG:N/E8k91rz6/tc8EG

Score

10^/10

marsstealer

Malware Config

Signatures

Marsstealer family
marsstealer

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd4f4c87a3ac6bf8e8d4b51c2e02e09e.bin

Files

bd4f4c87a3ac6bf8e8d4b51c2e02e09e.bin
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 864B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE