BerserkBear Downloader[.]bin | Triage

Sharing

General

Target

BerserkBear Downloader.bin
Size

3.0MB
MD5

f7c5d117c91bd22fa17d2d5444ff7ab7
SHA1

df74d60e69213dec424f1d2c02554a7cd36efded
SHA256

cb3306aecb05fccaac51a036f361991745a4ef90d8d9ec713d783c88605ea556
SHA512

ad2031003bb04e20a52ec0a335735341c0c77d3bbe20b644db3867cedf808993ece784ef9c5801e5f079958d361108aa0269869b4619fedcd95206f57fc9d754
SSDEEP

49152:CnJ97kOsg9TmxMjVGu8e6BYjJOcxCOInS35WmxWTj:k97n9TIMCpYjEYyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BerserkBear Downloader.bin

Files

BerserkBear Downloader.bin
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 159KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 978B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ