MalwareBazaar[.]1 | Triage

Sharing

General

Target

MalwareBazaar.1
Size

1.2MB
MD5

7e2daf9fd0579b5b81c5898a2e10ed2e
SHA1

0546888f1d8bcf8b61b92fe64d76f60b78a5609c
SHA256

470fcfd9431f3542f2d2f1fdea50ac81da0b826bc63bdedc262322100e1ef72a
SHA512

6ed4d3eec3ee146c081d53cf4ca36f521cd52a3f72b76ec645db3f263a6b479e9bc5ef144878c24c88a51d43aaea4634ac1fa26f3b87ab851eb45d9c4442742d
SSDEEP

24576:95QvTuSar6QgRp9TvCkV0uf5ZmH1OvAiP3Cwb:95QynmQgtvCkCua1Riv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MalwareBazaar.1

Files

MalwareBazaar.1
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ