bruteratel | badger[.]zip

Resubmissions

26/10/2022, 09:55

221026-lxwycafchl 10

03/10/2022, 10:16

221003-ma61gagac8 1

Sharing

Copy URL Twitter E-mail

General

Target

badger.zip
Size

301KB
MD5

d484e5347e51d8b92cdcc685b9abc003
SHA1

4c6e7808108d85363b47dee0228fc247d177542d
SHA256

aea2f4401c194f8985a75824a287138ee4fcba9533c10b970b65e3e034c3c8e2
SHA512

8416b2643ac2722231bd95b6103199275acb86ae10f12b1a5bc89811cd96b7b5250b717a7fb70ed7d469a9e0f71c2b0e0c222fc3c0926b93562a87afc0a53246
SSDEEP

6144:xghvsZbddbXdRAp/pxVpgwaxm4SoQE5p8UkhPr3SDIbOjeEIBgAJK7F6qS:xQEZbLbXHM/p7pkxooQEkUimDVK7/KjS

Score

10^/10

bruteratel

Malware Config

Signatures

BruteRatelConfig 1 IoCs

resource	yara_rule
static1/unpack001/badger_x64.dll	BruteRatelConfig

Bruteratel family
bruteratel

Files

badger.zip
.zip

Password: pass
badger_x64.dll
.dll windows x64

Password: pass

df00652ad3e78ba777ba702462655cf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
realloc
strlen
strncmp
vfprintf

Exports

Exports

main

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 224B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: pass

Password: pass

df00652ad3e78ba777ba702462655cf8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 339KB - Virtual size: 339KB

.rdata Size: 1024B - Virtual size: 704B

.pdata Size: 1024B - Virtual size: 540B

.xdata Size: 512B - Virtual size: 368B

.bss Size: - Virtual size: 224B

.edata Size: 512B - Virtual size: 68B

.idata Size: 1024B - Virtual size: 868B

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 92B

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 339KB - Virtual size: 339KB

.rdata
Size: 1024B - Virtual size: 704B

.pdata
Size: 1024B - Virtual size: 540B

.xdata
Size: 512B - Virtual size: 368B

.bss
Size: - Virtual size: 224B

.edata
Size: 512B - Virtual size: 68B

.idata
Size: 1024B - Virtual size: 868B

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 92B