MalwareBazaar[.]0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MalwareBazaar.0
Size

1.1MB
MD5

52c34c59183a5b51c6635a5c07dbe83a
SHA1

7def618896505fde8a6d91fe34bff462ccfaaed9
SHA256

9addebe94747ecae48221b2b7efaca6527d5e5a9fa8b792699e2d885d26004a2
SHA512

b115d169591f02587353b2153a727980bc2a59aabec11e4090cfc9946153270c621711309d3326806f65abc61dcb70da9c7dee5d80c30ac2e1eb8d4b8a411a1c
SSDEEP

24576:wMIQNlECrbLafnmKvsdgIS0sR7v/vMJ7tHNVuq0CR3NNgz/5X:JIQNJnufXggIHsBkJ7tHn/xRdA/5X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MalwareBazaar.0

Files

MalwareBazaar.0
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

zmhl.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 986KB - Virtual size: 986KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ