1e40a2f8de389bb662f8322e05f28c6d | Triage

Sharing

General

Target

1e40a2f8de389bb662f8322e05f28c6d
Size

331KB
MD5

1e40a2f8de389bb662f8322e05f28c6d
SHA1

e25e9baec10d5794e6ec17cfc4eb8301734de1a7
SHA256

3bed47c028b4004594fa5da2d09f46843bfefb3d35d7b5b5b48fc87b5d2bbeeb
SHA512

5dda0c781f70eb486a6ff313fcbf1d36f5a16b0293d1ba2ad154586682c17307cc900ab7b80403625b59d30bb5f49a6a8171abc6461de17bdbf832b57734ba96
SSDEEP

6144:ksa17exitvckf6I6xnWo9QxYjswWQXysD53XI3nQ0DCKKhVp/ZkYkbu:ksa1W2vc26IkrKQCGBI3n2Ki/mxu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BrutusA2.exe

Files

1e40a2f8de389bb662f8322e05f28c6d
.zip
BrutusA2.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 544KB - Virtual size: 543KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 501B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NetBus.bad
Overview.doc
.doc windows office2003
example-combo.txt
readme.doc
.doc windows office2003
users.txt
words.txt