MalwareBazaar[.]11 | Triage

Sharing

General

Target

MalwareBazaar.11
Size

1.3MB
MD5

f50775e18e9da9d2f34006fad5fb7267
SHA1

3ee47b2e6543dc06f2292440566a22377ba45bf6
SHA256

d5033b91615c5b714b92362b7906982f577b7235b0bdc8433a03cbe0e8992730
SHA512

15508603ba08a2b6fa86483462e47871179be55f499ec009bec68fbb0ec03092448afeddfaf73d4d6fded90c9d7e8a16c4e92d5677357e381713692de148df7a
SSDEEP

24576:Lf+6UNxk0J91B3B/V2P0JqZ79szrLP9SPvYVVPa+41v6OuYdCie:LG6U80JHB3B/V2PdZ9Wv2vYVVPS0Pnj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MalwareBazaar.11

Files

MalwareBazaar.11
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

YYcC.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ