240823-n1ymfsvdrk_pw_infected[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

240823-n1ymfsvdrk_pw_infected.zip
Size

49.9MB
MD5

b6e295ff9ff17e46852a83187a8f6d55
SHA1

f7a49b619df0d642fa5f702262b0e7e6c66d1a82
SHA256

7857624fdb38945b0db9e4991e65efc5e0feae7bda358ba15197b1211308fa89
SHA512

45e09bb6823d46f8e29db8594f838e2efb4fd2b84b40c384370fafaf4937950572193539873e22794c2db1bf4f61b73fe1333089deb75df0332a529d2f5358a6
SSDEEP

1572864:rBBf/sJmVNRmW5Zyxq+7umqN/c55nXXvvnVo:tBf/emVNcEyj7umqNiXXHnVo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/BonziBuddy432.exe

Files

240823-n1ymfsvdrk_pw_infected.zip
.zip

Password: infected
Bon (1).zip
.zip
BonziBuddy432.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ