MalwareBazaar[.]8 | Triage

Sharing

General

Target

MalwareBazaar.8
Size

610KB
MD5

13e825e38907f58c9bfca45bba851189
SHA1

0fbadb9f113b13c3f63845cddf03dca36dcf1407
SHA256

6dcd6bb33946390797c21cb9f96e063808467289379056c2dbd0e5934219ff49
SHA512

f04258cf3528a0ad6b76ba82bfd38e1e3170f025580e2bcaf0159874a6bf5e99b4f75a330ecabb16893a10ee3a59b6efdef21b6d85b5246951fb9a0a2b3610be
SSDEEP

12288:zpahc5QdN0UfQP3wXr9plbApTyS3UgOqwr86w:zZQdNBQ/y9Ep339urhw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MalwareBazaar.8

Files

MalwareBazaar.8
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 607KB - Virtual size: 606KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ