bijsin[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bijsin.rar
Size

3.6MB
MD5

5ce4065209dfd681d92be514abadc0ed
SHA1

18b29519bff89780df2050db12f45d2af688f7cc
SHA256

feeb8c1312dc1d8d4fc2a1602ba8af9fe93905068c7b809932c35dc9dffdf1b9
SHA512

694ff0009905f08c22254cbf5120974ec07e3f6ca364f8679ee29fbe2cde216bf0914b0c3e25903525dbd1a6c681838aa32552925fae5a5cdce83a5423473334
SSDEEP

98304:P57T9ZzbaQ2AoJFQDuO7tn9KqRnSQZmVYbF9ZLpkY+7rkt:PpiQHcQDuO7tncqRfbkNO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Loader.exe

Files

bijsin.rar
.rar
Loader.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

5[jD1
Size: 976KB - Virtual size: 975KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ