RebelCracked[.]exe | Triage

Resubmissions

01-10-2024 19:23

241001-x3tkyszekh 10

01-10-2024 19:14

241001-xxtc1awdmj 10

30-09-2024 22:07

240930-11v8jsxdnm 10

30-09-2024 21:59

240930-1wfmas1crg 10

30-09-2024 20:26

240930-y8bg1atepl 10

26-09-2024 20:34

240926-zcgvkszbmg 10

26-09-2024 19:28

240926-x6rkrstfrr 10

26-09-2024 19:21

240926-x2mq1swhnh 10

26-09-2024 19:20

240926-x19jdstdpl 10

25-09-2024 21:15

240925-z4dx1a1elf 10

Sharing

General

Target

RebelCracked.exe
Size

344KB
MD5

a84fd0fc75b9c761e9b7923a08da41c7
SHA1

2597048612041cd7a8c95002c73e9c2818bb2097
SHA256

9d9a79f4ae9bf7a992945f6c06c5bec642c05e4e828217c50255dabfa3677006
SHA512

a17f1144a0e3ce07c7ed6891987c5b969f291e9991442c33750028d35e2194794e8a649c397e8afc9f8ce19d485c453600c75cab4fcead09e38414d85819251a
SSDEEP

6144:lOcpeK8lucxAtLNFHUVuI/2zj1z6jZ755NofmWx4PCQL23wBw7R0ljTwrVuAdJKp:QcpSnx0LNFDQ60Ntbo5d7gBw7R7rbdJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

RebelCracked.exe

Files

RebelCracked.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ