bruh[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

bruh.exe
Size

6.6MB
MD5

8dd0168c58ac63450ab250b16cb82ffc
SHA1

d8faf7e8c4ef57ce5fa205906c26fc20de06a91a
SHA256

7f822695821a6edc5875c58b85b65085d114389336d413260c6032dd567866ed
SHA512

88896b4514aa837d595265bfca5e02b3cfe3c75c6edf184ad15a7fd9dd36c54b0055770f013235034e2fac7cd09898dbdd802aeca7f14ed572f6750781afd788
SSDEEP

98304:/yWjs6pps+5wUGfFx9G8q83lnDmdhzmK7OFMfZbXD:a3hqNs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bruh.exe

Files

bruh.exe
.exe windows:6 windows x64 arch:x64

88cf86d13733892771dfc3fcc49fc333

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\User\Documents\GitHub\bruh\target\release\deps\bruh.pdb

Imports

ole32

CoCreateInstance
CoUninitialize
RevokeDragDrop
RegisterDragDrop
CoInitializeEx
OleInitialize

user32

SetClipboardData
RegisterClipboardFormatW
GetPropW
CallWindowProcW
SetPropW
RemovePropW
ClientToScreen
RegisterRawInputDevices
RegisterWindowMessageA
MsgWaitForMultipleObjectsEx
SetCapture
CreateIcon
GetRawInputData
SystemParametersInfoA
ChangeDisplaySettingsExW
MonitorFromPoint
IsProcessDPIAware
SetWindowTextW
MapVirtualKeyW
SendInput
SetForegroundWindow
ShowWindow
CloseClipboard
GetSystemMenu
EnableMenuItem
GetWindowLongW
AdjustWindowRectEx
GetClipCursor
ClipCursor
ShowCursor
GetWindowRect
IsIconic
DestroyIcon
GetKeyState
GetMessageW
GetKeyboardLayout
ToUnicodeEx
SystemParametersInfoW
MapVirtualKeyA
FlashWindowEx
CreateWindowExW
RegisterClassExW
SetWindowDisplayAffinity
GetMonitorInfoW
MonitorFromWindow
CloseTouchInputHandle
GetTouchInputInfo
SetCursor
LoadCursorW
TrackMouseEvent
EmptyClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetDC
GetClassInfoExW
GetClassNameW
SetWindowPlacement
SetWindowLongW
GetWindowPlacement
MonitorFromRect
GetMenu
ScreenToClient
RegisterTouchWindow
GetUpdateRect
DefWindowProcW
PostThreadMessageW
ValidateRect
SetWindowLongPtrW
GetWindowLongPtrW
DispatchMessageW
TranslateMessage
PeekMessageW
GetForegroundWindow
ReleaseCapture
GetCursorPos
InvalidateRgn
SetWindowPos
SendMessageW
GetSystemMetrics
GetActiveWindow
GetClientRect
CreateIconFromResourceEx
ReleaseDC
DestroyWindow
PostMessageW
RedrawWindow
EnumDisplayMonitors
GetKeyboardState

gdi32

SwapBuffers
DeleteObject
SetPixelFormat
ChoosePixelFormat
DescribePixelFormat
GetDeviceCaps
CreateRectRgn

opengl32

wglGetCurrentContext
wglGetProcAddress
wglShareLists
wglGetCurrentDC
wglMakeCurrent
wglDeleteContext
wglCreateContext

shlwapi

AssocQueryStringW

kernel32

GetCurrentThreadId
GetProcAddress
GetFileInformationByHandleEx
GetFileInformationByHandle
CreateFileW
CreateMutexA
WaitForSingleObjectEx
HeapReAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
TryAcquireSRWLockExclusive
TerminateProcess
GetExitCodeProcess
SleepEx
WriteFileEx
ReadFile
GetCurrentProcessId
GetStdHandle
DuplicateHandle
GetCommandLineW
GetConsoleMode
GetEnvironmentVariableW
GetEnvironmentStringsW
SetLastError
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentThread
GetCurrentProcess
DeleteFileW
SetThreadStackGuarantee
AddVectoredExceptionHandler
CompareStringOrdinal
FindClose
ReleaseMutex
FreeEnvironmentStringsW
GetModuleHandleA
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
SetEvent
CreateEventW
ResetEvent
HeapAlloc
InitializeSListHead
RtlVirtualUnwind
IsDebuggerPresent
LoadLibraryA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
HeapFree
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CloseHandle
IsProcessorFeaturePresent
AcquireSRWLockShared
ReleaseSRWLockShared
ExitProcess
GetFullPathNameW
FindFirstFileW
CreateNamedPipeW
ReadFileEx
MultiByteToWideChar
WideCharToMultiByte
GlobalFree
GetSystemDirectoryW
GetWindowsDirectoryW
GlobalAlloc
SwitchToThread
InitOnceExecuteOnce
MapViewOfFile
CreateFileMappingA
GetFileSizeEx
UnmapViewOfFile
FormatMessageW
GlobalUnlock
ReleaseSemaphore
GlobalSize
GlobalLock
Sleep
CreateSemaphoreA
OutputDebugStringA
CreateProcessW
SetThreadErrorMode
GetFileAttributesW
WriteConsoleW
GetModuleFileNameW
GetSystemTimeAsFileTime
FreeLibrary
TlsSetValue
TlsGetValue
CreateThread
GetCurrentDirectoryW
GetLastError
LoadLibraryExW
LoadLibraryW

dwmapi

DwmEnableBlurBehindWindow

shell32

DragFinish
DragQueryFileW

uiautomationcore

UiaRaiseAutomationPropertyChangedEvent
UiaRaiseAutomationEvent
UiaLookupId
UiaReturnRawElementProvider
UiaHostProviderFromHwnd
UiaGetReservedNotSupportedValue

oleaut32

SetErrorInfo
SysAllocStringLen
SysStringLen
SafeArrayPutElement
SafeArrayCreateVector
GetErrorInfo
SysFreeString

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps

uxtheme

SetWindowTheme

imm32

ImmAssociateContextEx
ImmReleaseContext
ImmSetCandidateWindow
ImmGetContext
ImmGetCompositionStringW

advapi32

SystemFunction036

ntdll

NtWriteFile
NtReadFile
RtlNtStatusToDosError

bcrypt

BCryptGenRandom

msvcp140

??1ios_base@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
??0ios_base@std@@IEAA@XZ
?_Xbad_alloc@std@@YAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?fail@ios_base@std@@QEBA_NXZ
?classic@locale@std@@SAAEBV12@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xout_of_range@std@@YAXPEBD@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z

vcruntime140

memcmp
memcpy
memmove
_purecall
memset
__std_type_info_compare
memchr
__C_specific_handler
__intrinsic_setjmp
__current_exception
__std_exception_destroy
longjmp
__current_exception_context
__std_exception_copy
_CxxThrowException
__CxxFrameHandler3

api-ms-win-crt-math-l1-1-0

ceilf
sinf
cosf
roundf
fmodf
floor
trunc
round
expf
truncf
cos
__setusermatherr
fmod
log2
exp2
exp
atanh
acosh
asinh
sin
ceil
atan2
atan
powf
_hypotf
floorf
atan2f
log
pow
exp2f
acosf
cbrtf
asin
sqrtf
tanh
sqrt
_dtest
cosh
sinh
nextafterf
log2f
_fdtest
acos
cbrt
tan
remainder
frexp

api-ms-win-crt-runtime-l1-1-0

_invoke_watson
_set_app_type
_invalid_parameter_noinfo_noreturn
_errno
abort
_register_onexit_function
_crt_atexit
_register_thread_local_exe_atexit_callback
_c_exit
terminate
_initialize_onexit_table
_seh_filter_exe
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
__p___argc
__p___argv
exit
_cexit

api-ms-win-crt-string-l1-1-0

strcmp
wcscmp
isalnum
strlen
wcslen
strcpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vsnprintf_s
__acrt_iob_func
fread
__stdio_common_vfprintf
_set_fmode
fflush
_fileno
fputc
fclose
fwrite
fseek
ftell
_wfopen
fopen
_get_osfhandle
__p__commode

api-ms-win-crt-heap-l1-1-0

_callnewh
free
_msize
calloc
malloc
_set_new_mode
realloc

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-environment-l1-1-0

getenv_s

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88cf86d13733892771dfc3fcc49fc333

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ole32

user32

gdi32

opengl32

shlwapi

kernel32

dwmapi

shell32

uiautomationcore

oleaut32

winmm

uxtheme

imm32

advapi32

ntdll

bcrypt

msvcp140

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 10KB - Virtual size: 15KB

.pdata Size: 126KB - Virtual size: 125KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 4.2MB - Virtual size: 4.2MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 10KB - Virtual size: 15KB

.pdata
Size: 126KB - Virtual size: 125KB

.reloc
Size: 22KB - Virtual size: 22KB