General
-
Target
Bruteforce_Save_Data_v4.4.2.rar
-
Size
4.2MB
-
MD5
9117471d667d0c5cd227f4ec45ad5f16
-
SHA1
35a67057692d94facf0f7def69e96dbcb63d89aa
-
SHA256
150607ee8c34fdc483199a1e3e5125cf28423666c3746a422ff57dd6d3f6f170
-
SHA512
eefc334637df304f155f83ad5fba58f696b517ba414ada6b7a216c7abf7bdfdf20ed73446e1c1258da61b000c89d78026b36b03999e2361f66a460819b56e7ed
-
SSDEEP
98304:msvHkFnaBj/oQIwDBXPYI8NXQ6pGFyo7zs48b4o/p+Yu0:muEJ+M17NvQzzsl/p+Yl
Malware Config
Signatures
-
resource yara_rule static1/unpack001/BruteforceSaveData.exe upx
Files
-
Bruteforce_Save_Data_v4.4.2.rar.rar
-
BruteforceSaveData.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 720KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 210KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 865KB - Virtual size: 865KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Bruteforce_Save_Data_installer.exe.exe windows x86
ec9fe2df073f9adb523d740ca14e7bb5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_Create
ord17
ImageList_AddMasked
ImageList_Destroy
kernel32
FindFirstFileA
CloseHandle
SetFileTime
CompareFileTime
GetFileAttributesA
GetTempFileNameA
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
CreateDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
Sleep
CopyFileA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
lstrcpynA
GetCommandLineA
DeleteFileA
GetTickCount
GetUserDefaultLangID
GetDiskFreeSpaceA
GetVersion
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetWindowsDirectoryA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
FindNextFileA
FindClose
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
WritePrivateProfileStringA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetCurrentProcess
ExitProcess
GetTempPathA
user32
SetTimer
DestroyWindow
CreateDialogParamA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
IsWindowEnabled
EndDialog
SetFocus
SetWindowPos
ScreenToClient
GetWindowLongA
EnableWindow
SetClassLongA
GetSysColor
LoadCursorA
SetCursor
GetDlgItemTextA
MapWindowPoints
GetMessagePos
LoadBitmapA
CallWindowProcA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
MessageBoxA
SetWindowTextA
PostQuitMessage
ShowWindow
SetForegroundWindow
CharNextA
wsprintfA
CharPrevA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
GetWindowRect
LoadImageA
GetDC
PeekMessageA
ExitWindowsEx
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
SetRect
FillRect
GetWindowTextA
DrawTextA
EndPaint
DispatchMessageA
gdi32
SetBkColor
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
DeleteObject
CreateFontA
SetBkMode
SetTextColor
GetStockObject
SelectObject
advapi32
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegEnumValueA
shell32
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA
ole32
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
IMPORTANT - You must add your console_id and user_id to global.conf