Behavioral task: behavioral1
Sample: 973f573cab683636d9a70b8891263f59e2f02201ffb4dd2e9d7ecbb1521da03e.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 973f573cab683636d9a70b8891263f59e2f02201ffb4dd2e9d7ecbb1521da03e.exe
Resource: win10v2004-20231215-en
General
Target: 973f573cab683636d9a70b8891263f59e2f02201ffb4dd2e9d7ecbb1521da03e
Size: 272KB
MD5: 38f7a1d92ea5ae4d455161c2aca7768d
SHA1: 7ca0803da734638ff12ea51fe792a1bf7e086da5
SHA256: 973f573cab683636d9a70b8891263f59e2f02201ffb4dd2e9d7ecbb1521da03e
SHA512: 15f5fe2935ce5a2b80a97164808e29b6b0ae59bc1851d06abccaea3d30fa6338de056f7d2f92ba14f6ac3947fd5d8685829ba1afa4f9582ef3d4b824fa156437
SSDEEP: 6144:Uy/V0URl81gxrLa74x+yfqHd65Bg4CqqzivI:1/V0URe1glAyf5etqqN
Malware Config
Extracted
bruteratel
localhost:8888
c2_auth: 3CO5EPSNRJNB1SO6
uri: /dashboard.php
user_agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
Signatures
Bruteratel family
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 973f573cab683636d9a70b8891263f59e2f02201ffb4dd2e9d7ecbb1521da03e
Files
973f573cab683636d9a70b8891263f59e2f02201ffb4dd2e9d7ecbb1521da03e.exe windows:4 windows x64 arch:x64
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 270KB - Virtual size: 269KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE