NoWayHome[.]exe-Source-Code-main[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

NoWayHome.exe-Source-Code-main.zip
Size

1.3MB
MD5

400228ca305d5dfd785bec2bb541ed86
SHA1

d9bc253f3b656d50f7e031bf0978cb9708edc10a
SHA256

883258fdad7a31fbecc21dec7e7e1da36b77d00d8c3a83f7353c3b2ea13d83a5
SHA512

95deab8f2311b919bb9c99c058889e955779235167314b07ed63613163db8cc864b6eada2d41c6caddb9e404a468075a8a6c7e4cc1788604c9aa1e22eb90c137
SSDEEP

24576:x7t99ycPYUikAcMzPZ+BqIwGKaaT8DvNF9nqVWW4QPpOn0Vdma:x7tD1ykQ6wkaT8DvNFhqgW4CpO0fj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NoWayHome.exe-Source-Code-main/NoWayHomeDebug/Release/NoWayHomeDebug.exe

Files

NoWayHome.exe-Source-Code-main.zip
.zip
NoWayHome.exe-Source-Code-main/LICENSE
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/Icon1.ico
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug.sln
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/NoWayHome.cpp
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/NoWayHome.h
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/NoWayHomeDebug.aps
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/NoWayHomeDebug.rc
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/NoWayHomeDebug.vcxproj
.xml
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/NoWayHomeDebug.vcxproj.filters
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/NoWayHomeDebug.vcxproj.user
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHome.obj
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.exe.recipe
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.iobj
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.ipdb
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.log
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.res
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/CL.command.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/CL.read.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/CL.write.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/NoWayHomeDebug.lastbuildstate
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/link.command.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/link.read.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/link.write.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/rc.command.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/rc.read.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/NoWayHomeDebug.tlog/rc.write.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/Source.obj
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/payloads.obj
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/registrykeys.obj
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Release/vc143.pdb
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/Source.cpp
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/payloads.cpp
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/payloads.h
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/registrykeys.cpp
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/registrykeys.h
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/resource.h
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/x64/Debug/NoWayHome.obj
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/x64/Debug/NoWayHomeDebug.log
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/x64/Debug/NoWayHomeDebug.tlog/CL.command.1.tlog
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/x64/Debug/NoWayHomeDebug.tlog/NoWayHomeDebug.lastbuildstate
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/x64/Debug/payloads.obj
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/x64/Debug/registrykeys.obj
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/x64/Debug/vc143.idb
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/NoWayHomeDebug/x64/Debug/vc143.pdb
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/Release/NoWayHomeDebug.exe
.exe windows x86

ed20bda03e2c33e162b377e82674c5b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesW
CopyFileA
GetSystemDirectoryA
TerminateThread
Beep
ExitProcess
CreateFileA
GetSystemTime
lstrcatW
GetLastError
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetModuleHandleA
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
CreateFileW
LocalAlloc
FindClose
SetFilePointer
RemoveDirectoryW
WriteFile
GetCurrentProcess
FindNextFileW
GetSystemDirectoryW
GetModuleFileNameA
lstrcmpW
lstrcpyW
FreeLibrary
GetProcAddress
CreateThread
LoadLibraryW
CloseHandle
GetCurrentThreadId
DeleteFileW
GetModuleHandleW
FindFirstFileW

user32

BlockInput
ExitWindowsEx
MessageBoxW
FindWindowW
FindWindowA
GetForegroundWindow
UpdateWindow
SystemParametersInfoW
FindWindowExW
GetWindowRect
GetDC
SetWindowPos
SendMessageW
GetSystemMetrics
ShowWindow
MessageBoxA
SetForegroundWindow
SendInput
GetWindowDC
GetDesktopWindow

gdi32

BitBlt
SelectObject
PatBlt
StretchBlt
TextOutW
SetTextColor
LineTo
SetBkColor
CreateSolidBrush
RoundRect

advapi32

OpenProcessToken
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
RegSetValueExA
RegSetValueExW
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

ntdll

NtSetInformationProcess
RtlAdjustPrivilege

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msvcp140

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

vcruntime140

__current_exception
__current_exception_context
_CxxThrowException
_except_handler4_common
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
memset
memcpy
memmove

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-stdio-l1-1-0

__p__commode
fputc
_fseeki64
_set_fmode
ungetc
_get_stream_buffer_pointers
setvbuf
fgetpos
fwrite
fsetpos
fread
fgetc
fclose
fflush

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-runtime-l1-1-0

_initterm
_initialize_narrow_environment
_configure_narrow_argv
exit
_exit
_set_app_type
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_initterm_e
_seh_filter_exe
_invalid_parameter_noinfo_noreturn
_get_narrow_winmain_command_line
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_controlfp_s
terminate

api-ms-win-crt-heap-l1-1-0

malloc
_set_new_mode
_callnewh
free

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NoWayHome.exe-Source-Code-main/NoWayHomeDebug/Release/NoWayHomeDebug.pdb
NoWayHome.exe-Source-Code-main/README.md

Sharing

General

Malware Config

Signatures

Files

ed20bda03e2c33e162b377e82674c5b0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ntdll

version

msvcp140

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 2KB - Virtual size: 1KB