SpyBJS Rat[.]exe | Triage

Sharing

General

Target

SpyBJS Rat.exe
Size

15.2MB
MD5

bbf7616e115f593113f83fb78328d39a
SHA1

01b69a55d1587e5b1d684819f40c8cf8d399ab73
SHA256

c4b8fe1f0057e52b95d5c50ffd00160932790545b97fcc09feeb12b8b2157bfe
SHA512

3961e3b75957c3d5fad690875a7ef5d805b6c80a922e715776300ceaaa92c05338e5d60745737309174a95786721c0e02485d98dbc15c50e99d3a4e578dde33e
SSDEEP

393216:/vwaPJTtxmkSLNUI7VbZGzc2fFDfOjxuqP6JRYAHkX38:/Yax5cvVbszLhin+dkX38

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SpyBJS Rat.exe

Files

SpyBJS Rat.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19.7MB - Virtual size: 19.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ