Bel Sekolah[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Bel Sekolah.rar
Size

883KB
MD5

fcfdc6078786d27605638299f74b3714
SHA1

31b9cc8c2ad21ed2c6bd50784e17a2d15c5a733b
SHA256

1c2e9eb97faa066ac66eadce2b83205dcf33dcdbcfc0b6df42d77daaaf27310d
SHA512

1bd5899a4f80f0e83e47bc7e2af3142f9f10f3bcfc1d95f2ec35895443ef269caf63a97ab5ec24805ec0dc87d79296df3e09957befe726f9f968525864df19ee
SSDEEP

24576:wu6hKb63sboNdprvYYrolM9G98JJ3EIn4J0ZoCzky:IKVMnprvYYrolM9Rl4Jcz1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BelSekolah.exe

Files

Bel Sekolah.rar
.rar
BelSekolah.cfg
BelSekolah.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 583KB - Virtual size: 583KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BelSekolah.stat
BelSekolahModul.dti
Jadwal.DAT
Jadwal.IDX
Setting.ini
tes/tes1.mp3
tes/tes2.mp3
tes/tes3.mp3
tes/tes4.mp3
tes/tes5.mp3