Broque Ramdisk PRO[.]zip | Triage

Resubmissions

23/08/2024, 08:11

240823-j3dmvawamp 3

Sharing

Copy URL Twitter E-mail

General

Target

Broque Ramdisk PRO.zip
Size

14.0MB
MD5

f955c33df438f88fd721ca67b5fa3ad6
SHA1

5d2605f17e76e4793858df41ede7cd586be2edae
SHA256

835cbf0f13c704ef2220931ada7564bab0db8d39aa5d6214895173e68336580f
SHA512

395807fb60cf8fbdc67a1a94b58c0b58b28de62a3d325f361a6c4647f3425f5b8e4d2f168e53399ff178318177c3bde16cced9b7961e6992d60f884c43b167b9
SSDEEP

393216:9PjjlZvuVkjIX1QBKkWoR9cFUQmp2RwiNoWw:hjlZuVkjIX1QBbWoR9UUQmp5zr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/entry001/Broque Ramdisk PRO.exe

Files

Broque Ramdisk PRO.zip
.zip
entry001/Broque Ramdisk PRO.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 8.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

./}M
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.&Ks
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pQ\
Size: 15.2MB - Virtual size: 15.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ