Nigger[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Nigger.rar
Size

160KB
MD5

787699760732870f41f36f7339767762
SHA1

95955f929ba898a3f661fc7bd2cf4f8844721406
SHA256

9c36af93988718691c6bb403e436e8dfe60b43d5be94def6a66cd424cd71e91d
SHA512

742d347b9d63f0c5a156a977cdc9c8365b25c09a5e5d15ed556b16a75458b330b7fd03cc71abd07b54f0c7a329f9cc86665a5050b1a73d411c75581adf7728b8
SSDEEP

3072:/xDVE1RFQDWr7Cwh+mQTJL0kTaw6KoUjl3O+9QwcmDchrcpBDVno1:/xERFJrnk0kazKp3fqbWno1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Malaka Executor (2).exe

Files

Nigger.rar
.rar
Malaka Executor (2).exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ronin\source\repos\MALAKA EXECUTOR BETAv1.0\MALAKA EXECUTOR BETAv1.0\obj\Debug\MALAKA EXECUTOR BETAv1.0.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ