Bulk Image Downloader Hook[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Bulk Image Downloader Hook.zip
Size

348KB
MD5

5d88e67ffd515dc41bf5d7ae72eb79f2
SHA1

76b2d48038e4a62056d0946ccee0164643afa0f8
SHA256

f90664d1fdee9b64bdc30f13b05c7e30d5f559de13de99d36765479800f9c99d
SHA512

af1990f9a0cbc181b75399122375ccfa9e9857a1d8b4634f838a4a2eb99542eda7bbd005c7d7629269743329c28ba0300eba859d6ac1264c85992a0fcdc507a6
SSDEEP

6144:+NZJOSNw4w2jjKKRFslsseyd36ODPqAMmJwIVBGJT+y6L+FFCbxMRQgHo/K:oZkSNRw2yKL4s/oFZZlH4qyxFFCbx6bx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BID5X6XGH_Installer.exe

Files

Bulk Image Downloader Hook.zip
.zip

Password: trojan.gen?
BID5X6XGH_Installer.exe
.exe windows:4 windows x86 arch:x86

Password: trojan.gen?

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: - Virtual size: 568KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Changelog.txt
ReadMe.txt