General
Target: Blizzard_Battle.net_Gateways_Editor (1).rar
Size: 207KB
MD5: 464f3fe509195aa5dfec208fae20f4b3
SHA1: 02836461b5e77a3e92845f739c5758346e670802
SHA256: e57b67f888836f3928d20feec3c3fc916cda1640d9d0b5fb8a50f0d141fca7c8
SHA512: ddee928eef409687f324c60d54bd0f21d38e628498006ebc128a0fc1df011807d0a2b6bbac39dacf9c079dbb3461c8a71b205bda8de12e81aa98f02ad7bcfed3
SSDEEP: 3072:B0TKAYmaQP2MqFb7+WGc/dmK/WCgbvr7N1FUbKvI/z/IFX027YN4Oycfv+56M:6ft2MKbKWn1W7eeKyVYN4OycfvU
Malware Config
Signatures
-
Processes:
resource yara_rule static1/unpack001/Blizzard_Battle.net_Gateways_Editor/Blizzard Battle.net Gateways Editor/BNGateway Editor.exe upx
Files
-
Blizzard_Battle.net_Gateways_Editor (1).rar.rar
-
Blizzard_Battle.net_Gateways_Editor/Blizzard Battle.net Gateways Editor/BNGateway Editor.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 364KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 204KB - Virtual size: 208KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
Blizzard_Battle.net_Gateways_Editor/DotEros.com.URL.url