General

  • Target

    Nezur-bootstrapper-x64.zip

  • Size

    5.1MB

  • MD5

    02c6b5f469b6ebaa7545c22a8f4a8844

  • SHA1

    010a2bec790234b7dba3504d89216d19ebd2aea6

  • SHA256

    e6418a8d5d6918e90a46a91f19d0caf3a98aff5148941840de2807bf588307e3

  • SHA512

    6356e8879a2270d0d133d60cb64c03c2887e96cc6179bb40d0840659922e5d80c61c8dc29826cfc4338d538c279dbb2b28472f35a8ad6f75fec569b77c71d6d6

  • SSDEEP

    98304:Di6YkFtRJI4W0HBLAt9rRqpr5VrylnsQfu/cgyCuvh+Pd2CJ4micIwt7ZUOgM:m6h/IdFRDsMLnC8h+wE4mVt7ZUOgM

Score
7/10

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • Nezur-bootstrapper-x64.zip
    .zip
  • Nezur.exe
    .exe windows:6 windows x64 arch:x64

    2cd4fc692a9ac38e2a5c8c46b266698a


    Headers

    Imports

    Sections

  • nezur.dll
    .dll windows:6 windows x64 arch:x64

    4818f38f4c23095b5d13173f5a14f22e


    Headers

    Imports

    Exports

    Sections