bebra[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bebra.exe
Size

3.4MB
MD5

9db7f8ba57214489f97c8c785b4c727c
SHA1

968df2ab397063fcf6eb7720fa5ca24744230bc7
SHA256

c9487cb734eaca9afb87d6f71614bdfca5f3f5e70568971391d53e369badf149
SHA512

0fd530aeb633465bdffd134e4614ce9b3bbedd66537ce5edaeed93c2be00973029bd5f95c1a2733b192a2e9d18241af1cf9b5903a627af6012c8da22a40516c9
SSDEEP

49152:e+LTEphEE+VCY+LN5Nam1geOy7DJ4IKTq1K3bR7cs3AMnzQ2oMtlr7PL6vdB3oD/:e0WmNVhA1EEATaAF7vNn7PPL65GHt3R

Score

N/A

Malware Config

Signatures

Files

bebra.exe
.exe windows x64

226868e02a9160054a3680504ea3de07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FormatMessageA
GetModuleHandleA

msvcrt

fprintf

shell32

SHGetDiskFreeSpaceA

advapi32

RegQueryValueA

user32

GetDC

Sections

.pdata
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE

.rdata
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 387KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pexe
Size: - Virtual size: 345B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

226868e02a9160054a3680504ea3de07

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

shell32

advapi32

user32

Sections

.pdata Size: - Virtual size: 4.0MB

.rdata Size: - Virtual size: 260KB

.reloc Size: - Virtual size: 3.1MB

.pdata Size: - Virtual size: 24KB

.rdata Size: - Virtual size: 25KB

.rdata Size: - Virtual size: 387KB

.pexe Size: - Virtual size: 345B

.reloc Size: - Virtual size: 5KB

.rsrc Size: - Virtual size: 104B

.rsrc Size: - Virtual size: 16B

.reloc Size: 54KB - Virtual size: 53KB

.rsrc Size: 50KB - Virtual size: 49KB

.pdata Size: 109KB - Virtual size: 108KB

.pdata
Size: - Virtual size: 4.0MB

.rdata
Size: - Virtual size: 260KB

.reloc
Size: - Virtual size: 3.1MB

.pdata
Size: - Virtual size: 24KB

.rdata
Size: - Virtual size: 25KB

.rdata
Size: - Virtual size: 387KB

.pexe
Size: - Virtual size: 345B

.reloc
Size: - Virtual size: 5KB

.rsrc
Size: - Virtual size: 104B

.rsrc
Size: - Virtual size: 16B

.reloc
Size: 54KB - Virtual size: 53KB

.rsrc
Size: 50KB - Virtual size: 49KB

.pdata
Size: 109KB - Virtual size: 108KB