WareHub_Crack[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

WareHub_Crack.rar
Size

16.6MB
MD5

2df6946236a76b700e34eb72a5bde14a
SHA1

9b532ca7f47bd8901803d0328da8f998d2b6912c
SHA256

1033d547f5b57c92d17b7572c70f87de0a4ff9ad21c3c1da9174c54f597bc39a
SHA512

5134bf66f123fe8cfd0dc8ced5325761c276d2ec36364bf5e0b9b247feb057c2ad03cc322bff50d9cdfa2b94df2121313aa9275a1a3fb4ed92bd6c254ef42d31
SSDEEP

393216:fbEkUkqIuMGm3C5xN9czuP8jnQncdg4NlzIdZzLEji:fbEtk7uHmONtP8jQYTDQZHwi

Score

7^/10

Malware Config

Signatures

.NET Reactor proctector 2 IoCs

Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

resource	yara_rule
static1/unpack001/WareHub Crack/VisualBasicClass2.dll	net_reactor
static1/unpack001/WareHub Crack/VisualBasicClass2Old.dll	net_reactor

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WareHub Crack/SharpMonoInjector.dll
unpack001/WareHub Crack/VisualBasicClass2.dll
unpack001/WareHub Crack/VisualBasicClass2Old.dll
unpack001/WareHub Crack/VisualBasicClass2Old2.dll
unpack001/WareHub Crack/WareHub.exe
unpack001/WareHub Crack/xGen.exe

Files

WareHub_Crack.rar
.rar
WareHub Crack/CrashFix.bat
WareHub Crack/DebugLog.txt
WareHub Crack/Inject.bat
WareHub Crack/SharpMonoInjector.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WareHub Crack/Unload.bat
WareHub Crack/VectorCord.txt
WareHub Crack/VisualBasicClass2.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WareHub Crack/VisualBasicClass2Old.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WareHub Crack/VisualBasicClass2Old2.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WareHub Crack/WareHub.exe
.exe windows:6 windows x64

70dfe1c194031d3252b9408bb884ac7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

htonl

wldap32

ord217

crypt32

CertGetCertificateChain

normaliz

IdnToAscii

kernel32

GetModuleFileNameA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetCursor
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

advapi32

CryptAcquireContextA

msvcp140

?_Xbad_function_call@std@@YAXXZ

imm32

ImmSetCompositionWindow

ntdll

RtlLookupFunctionEntry

d3d9

Direct3DCreate9

psapi

GetModuleInformation

userenv

UnloadUserProfile

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy

api-ms-win-crt-stdio-l1-1-0

fopen

api-ms-win-crt-runtime-l1-1-0

_errno

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-time-l1-1-0

_gmtime64

api-ms-win-crt-heap-l1-1-0

realloc

api-ms-win-crt-string-l1-1-0

strncpy

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-filesystem-l1-1-0

_unlock_file

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

shell32

ShellExecuteA

wtsapi32

WTSSendMessageW

Exports

Exports

��QP�s�Ja��X�l��U� �5m2�>Xjoa1 :��I��|ެ�-� �XO T�9ͨ�A��Rʗe��V�c0Q�� v�R��m8#�0[Daw�f�k�ކ��(h��W!�r e��=Y��v�ax��(u��3��7]�*p�*��L�R}]�^�� :~z��m�xls��:w�8oe�R�+L��rR?�8} �.�@��>��gB�cU�S�n��0a��w �1��}Ц& ��H�'ϳq+S�L}U<�<�;�p��R��?�mHHF��:��<�d3s�>)�/ ��Q-w�©o3Rv �SqJ,?P��0�&a�� T�j;��X�RZmzvs��'��\ȶ�=U&H �Gii}��m�=��~Y3� �<ǳ܀ J�T�0'4�PN-:8��@�;*D��\7:x'\�g�G6w�қ�O��z�o��a�<O��W>.��_bKn᝞�vj_�[w�-�� P��I�O�O�G>&>99s8Z�>>�Ղ��E[��|�ǟ�kwˢ4��\5q2u;��r��y��1l8�I��ྒ�?��\�15L��ڦG��R��L>@��-,�lLܬ?��iXŦ.psֺ�I�q��a��R�� '��ٓ��C{�Qс��b�*��0��Y�*��y��ćh��])a��4f\ ?ߩ��A��Z��0n�>5u>20��HO��{�AVp�|nz�huK/�>��_��E-��0�Z��N��5僉�%ߗO�͡��{�I��vH��]�>�j�[,�AfI��4�l��Ciu-�Wn��&X)� <ɹ ��U��w��lѧ��M�Q}`�Sϓ`��2�b��vV��>>��s%@�E6�,��q��<��T��鐫Ä́ʆZ��1BC"��z��缕/�=c@��G��_�ݡ�@�� n�6��#��U�6��+~��-H v��C�XWk��J[GL��ѫo �.�3��u�WEɨ�Z�;?�4N$�\n ��ق7f��7�5s0��U�]��=�x��ށ7��|<�^�C5Š{'!i*,jr�ҤP��_�OEZ�'I��yi>]>N/Q��<GX��NT�[� |��\US$� JA:��+1��pw�� <O�Y��į�슿#�N��J�9Z��[J��#ys��z�O`��:D��j��e��l�U�ie�M��:D��o�l�\%�zY�\��9�v '3��]0kE�YM_] �v�)��)�(�Y�:>1G�+L�"��kL��/�2jȃ�uǝ��mi^F| -pζ�t��.:��?��DV�F��ۓ̩2��F��v>Rɝ?Xҗ׳9�)�sv<��x�se7/�8��l��'F:�r�#Q�~��mm��Eh<�4�� D��e�kq:�M ��*ßCY�V�a��q�(')m0,��y��Z`P{��g�%�o�~Q=��-��γo��+�P��J��(rr�X��I��l*إ�Ow���K��(��+P7M.]B~�A��r�a��hupӎ��g�N�]��`̅<��o>;b�pp?�o`�� 8��F�^a~�@7��n�Z��W��Zd��a|�Pf��G^�i��c�;�"��&B��z�F�o�#R�ð��G��a_{�_�� ,V��-�� nX��jfי|�E}�`QX"��pu�J�a�xm�4[H�%��/��@/�tKx޾K0�x�fW��儵0>�tcs��϶ʦ2�`T/XV3�a�e�R\O1�bm�Ǵ��vR��z��'5��3��-voQ'�׋NK�*��\~��F"Ke.C��-7bq��H��\*Dv�_K��չ��r8~��ы��gPNq��ZsK�MY��B��k�g�@�iњj$��au8�y�%��a�V�}�c��bPt�0�Q�I�#ҩ�R�� (��b.�B�:��Y��%��6�R��)ա-�脄�w-ב��rfʪ�?3B�,�/,1��9��Is��(�$�$��Z՚Ot��B�*��o<�2��< ��'7p��!x�a�h*�~D�P��ԧ�E�� ͺ罵pZ��Lq��%�s�J��6t��j�=*�)c#ߢ�_yⷘ��W��I�W�?q�'i� �4��'V o��X� R��4�䁒�i�q: s�&&G�3z� ��?�A�g5��>-*��^��<��F��wp^��cn3Gs�X��j��Dq�Sv�d8�(dAg%��JG�kA&9��L��=��9��%��D�Lݑ�a�SU|Ln�E��,�D��ޜlY�=�M5ܕ�]��6�Ţ��q��39��)6+�(3��x�m�*ۉ]�c�3^�q�";�_�<�H��D��0i!�N��Ȱ��V�;��qy'��M{�LgFQ��0��g� S��̺��f#,2d��nX�ך�^�٥BT��}��b&�)L��/B;<1�A��O��M��TAb�]b�P3ӥ/��N��ތ�Lïl��%)s4��ň2��D�B��Ef'4�Q.%R��$�Y� n��*��@\��?pu�j�}�p_��o��ib�u6#�J��w`��Fo�2�}�׻{r��V�)��qx��<�j)v�W�۰?ס�%O��/8�ogH��Uh��eEr��_ ��I��Sg��`�P��)}��#�2E]0\C��K/�cp1�Ic-~S=4$R� ��O:� jb��K;׸Qz�M�?��஗��4�8�g��^~1ۃ�J��6:5<��c�eyh�y�|��}��A�K ��JWq�Y<��(�� Qf<��^�CsU�r�,"�~��fP��Puӥ&

Sections

.text
Size: - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.py0
Size: - Virtual size: 14.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.py1
Size: 16.7MB - Virtual size: 16.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WareHub Crack/inject - Copy - Copy.bat
WareHub Crack/unloada.bat
WareHub Crack/warehub
WareHub Crack/xGen.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 22KB - Virtual size: 22KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 132KB - Virtual size: 131KB

.rsrc Size: 1024B - Virtual size: 884B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 114KB - Virtual size: 114KB

.rsrc Size: 1024B - Virtual size: 884B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 71KB - Virtual size: 70KB

.rsrc Size: 1024B - Virtual size: 884B

.reloc Size: 512B - Virtual size: 12B

70dfe1c194031d3252b9408bb884ac7b

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wldap32

crypt32

normaliz

kernel32

user32

advapi32

msvcp140

imm32

ntdll

d3d9

psapi

userenv

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

shell32

wtsapi32

Exports

Exports

Sections

.text
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 132KB - Virtual size: 131KB

.rsrc
Size: 1024B - Virtual size: 884B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 114KB - Virtual size: 114KB

.rsrc
Size: 1024B - Virtual size: 884B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 71KB - Virtual size: 70KB

.rsrc
Size: 1024B - Virtual size: 884B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: - Virtual size: 616KB

.rdata
Size: - Virtual size: 133KB

.data
Size: - Virtual size: 1.1MB

.pdata
Size: - Virtual size: 26KB

.py0
Size: - Virtual size: 14.2MB

.py1
Size: 16.7MB - Virtual size: 16.7MB

.reloc
Size: 512B - Virtual size: 220B

.rsrc
Size: 512B - Virtual size: 469B

.text
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B