IBDETN[.]img | Triage

Sharing

General

Target

IBDETN.img
Size

504KB
MD5

eb5696eb21168e82bf1c911a98ba679a
SHA1

762b4c4c68ee1be81274c0c2a7c2082274237b21
SHA256

f91922fbdfba9ebcb266bea40a7c8c82f2152a7924649c01d6ff716c5227945c
SHA512

95e554ce372035b128cdbaa7f4d8aaca46363e73f66550ff167bc7ff3fd5d9107f30463022ee3b9b7fad8d355712c5fc6b6ff4cd701e883bd00f58a21c4d5399
SSDEEP

12288:TzzFUmAvADG6q4d22EOOpZqi3R91gtyuRV/Sxd6n5s6MCdlIU:TPa8jQjqirO3RV/L/9E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/IBDETN.exe

Files

IBDETN.img
.iso
out.iso
.iso
IBDETN.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 431KB - Virtual size: 430KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ