Brobite.exe

First submission 2024-02-07 16:21:04

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
Mime type: application/x-dosexec
File size: 824.5 KB (844288 bytes)
Compile time: 2023-02-12 03:58:11
MD5: 82d7425c9f8297a3ca6dd38b2ed71920
SHA1: 911bc54e20cd1f31cfa436a321862dd33df606eb
SHA256: 2c842e8a9e3ab59cd6d22f252ac5ec9647585fd522c4df7d09422c80a9990777
Import Hash: 9cbe07299899d36fced0522536c0d21e
Sections: 4 (.text, .rdata, .data, .rsrc)
Directories: 3 (import, resource, debug)

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXps://receitasdepascoa.com/Brobite.exe receitasdepascoa.com 2024-02-07 16:21:04

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0xb9276 758784 c4a5178a21167d4335919457edca56eb14600dd6 6ef90a47734ae592132a20cddbb7df72
.rdata 0xbb000 0x52f6 21504 ce7db803720ca3396b83ff4e4f5327e03b49e837 3446dcffb06e9cc8ba35a3e75152238a
.data 0xc1000 0x12528 20992 c2072c06cbc0de353d170b37a4d260d7b44ebb87 7e56b3becfa253b6b280e01a8d2da9f9
.rsrc 0xd4000 0x70258 41984 4b1e14b1f390fd6bd89ce6a354202be95b2a4b5b 282fa62b2783572e2222832735256a96

PE Resources 7

Name Language Sublanguage Offset Size Data
AFX_DIALOG_LAYOUT LANG_NEUTRAL SUBLANG_NEUTRAL 0xdc430 14
TAJONULE LANG_ROMANIAN SUBLANG_ROMANIAN 0xda5b0 7729
RT_ICON LANG_ROMANIAN SUBLANG_ROMANIAN 0xda0e0 1128
RT_STRING LANG_ROMANIAN SUBLANG_ROMANIAN 0xdde80 978
RT_ACCELERATOR LANG_ROMANIAN SUBLANG_ROMANIAN 0xdc3e8 72
RT_GROUP_ICON LANG_ROMANIAN SUBLANG_ROMANIAN 0xda548 104
RT_VERSION LANG_NEUTRAL SUBLANG_NEUTRAL 0xdc440 496

Meta infos 6

FileVersion: 1.24.72.42
FileDescription: Black
Translation: 0x0407 0x0672
ProductName: Mustifest
OriginalFilename: Wonder
ProductVersion: 94.56.64.72

Packers detected 2

Microsoft Visual C++ 8
VC8 -> Microsoft Corporation

Anti debug functions 5

GetLastError
IsDebuggerPresent
RaiseException
TerminateProcess
UnhandledExceptionFilter

Strings analysis - File found

Library
KERNEL32.dll
mscoree.dll
WINHTTP.dll
USER32.dll
GDI32.dll
MSIMG32.dll

Strings analysis - Possible IPs found 2 (both strings match the ProductVersion and FileVersion values listed under Meta infos)

94.56.64.72
1.24.72.42

Import functions