bughatch | 521533fe8439f70f3e4446312df30bec85326767b02f76af4bec39b251e15c81[.]bin

Resubmissions

22-09-2022 16:59

220922-vhr6aafgbk 10

20-09-2022 10:36

220920-mm81lagdcj 1

Sharing

Copy URL

Twitter E-mail

General

Target

521533fe8439f70f3e4446312df30bec85326767b02f76af4bec39b251e15c81.bin
Size

25KB
MD5

abfc01f92a6983fed77f136d7b6a4312
SHA1

953f32c6b64ea7ccea9d40c528b4ce6cfb6141ad
SHA256

521533fe8439f70f3e4446312df30bec85326767b02f76af4bec39b251e15c81
SHA512

5d2333052114434061402e4bcbe67280659a4d4519297c52fc207d117d3ab12cd6ccfa6e3920d99c12011404abf67248ab73b342c401934d7121440998486166
SSDEEP

384:GQRUDfYkNDR6Yabb/9Sc7oLO0ApNQE1M9Z4XsC5JVTuWsTkly80CLlcIeoRzQ9S5:9R4DqbzT/mZ4cCxuXY02soNaM

Score

10^/10

bughatch

Malware Config

Extracted

Family

bughatch

http://108.62.12.122

Signatures

Bughatch family
bughatch

Files

521533fe8439f70f3e4446312df30bec85326767b02f76af4bec39b251e15c81.bin
.exe windows x86

04229d453e8705f592bd0c3f13747f40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
InternetCrackUrlA
HttpOpenRequestA
InternetSetOptionA
InternetQueryOptionA
InternetReadFile
InternetConnectA

iphlpapi

GetAdaptersAddresses
GetIpAddrTable

shlwapi

wnsprintfW

ws2_32

ntohl

kernel32

GetWindowsDirectoryA
CreateFileA
GetTempPathA
GetEnvironmentVariableA
GetStartupInfoA
CreateProcessA
GetProcAddress
GetCurrentProcess
CreateThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
WaitForSingleObject
CloseHandle
GetSystemInfo
lstrcpyA
lstrcpyW
lstrcatW
lstrlenA
lstrlenW
CreateEventA
GetModuleFileNameW
GetModuleHandleA
GetComputerNameW
QueryPerformanceCounter
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
ExitProcess
Sleep
GetVolumeInformationA
HeapAlloc
HeapFree
GetProcessHeap
FlushInstructionCache
VirtualAllocEx
TerminateProcess
GetLastError
WriteProcessMemory
GetThreadContext
SetThreadContext
ResumeThread
WriteFile
ReadFile
SetHandleInformation
GetTickCount
CreatePipe
PeekNamedPipe
lstrcatA
GetModuleFileNameA

user32

wsprintfA

advapi32

GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
CheckTokenMembership
LookupAccountSidW
FreeSid
AllocateAndInitializeSid
OpenProcessToken

Exports

Exports

Start

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

04229d453e8705f592bd0c3f13747f40

Headers

DLL Characteristics

File Characteristics

Imports

wininet

iphlpapi

shlwapi

ws2_32

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 436B

.reloc Size: 1024B - Virtual size: 716B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 436B

.reloc
Size: 1024B - Virtual size: 716B