cls-lolz_x64[.]exe

General

Target

cls-lolz_x64.exe
Size

335KB
MD5

7234c4334a7523b1ac6f51c072497071
SHA1

e06a12c60a99bc4ccc2a21774c82c80a6159aa67
SHA256

d92f7c60256509f74e36d9b5aab041fe44999b1a3910d70aa83c9d01f062ea29
SHA512

9e51c0348ed975ba62482486581a03d5d6c17707542dd46eaa09ca15bcc85aab0f489092d974a4a998c3595a7de9873901e6e590ea25c739c6e976997dd86503
SSDEEP

6144:klTwtAltyt4ZzUp7RGUgayD3Ggw/u5FcKODiXklJguBgcyGzFoW5NjQj+S:MT7at4ZZ8yD3GgxIJgqb5oWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cls-lolz_x64.exe

Files

cls-lolz_x64.exe
.exe windows x64

c0a8a2bae1b83aaaeca742713f7f9bf9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WaitForSingleObject
SetEvent
CloseHandle
UnmapViewOfFile
CreateFileA
GetModuleFileNameA
WriteConsoleA
GetStdHandle
DeleteCriticalSection
VirtualFree
HeapFree
SetThreadPriority
CreateThread
LeaveCriticalSection
EnterCriticalSection
CreateEventA
HeapAlloc
GetProcessHeap
VirtualAlloc
InitializeCriticalSection
GetPrivateProfileStringA
ReadFile
GetSystemInfo
WriteFile
WaitForMultipleObjects
HeapReAlloc
DeleteFileA
GlobalMemoryStatus
GlobalMemoryStatusEx
CreateFileMappingA
MapViewOfFile
OpenFileMappingA
OpenEventA
SetEndOfFile
HeapSize
CreateFileW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
FormatMessageA
LoadLibraryA
GetThreadLocale
LoadLibraryExA
GetProcAddress
GetModuleHandleExA
GetEnvironmentVariableA
RtlUnwindEx
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RaiseException
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
GetACP
SetFilePointerEx
GetFileType
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadConsoleW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CompareStringW
LCMapStringW
SetStdHandle
GetStringTypeW
WriteConsoleW

user32

MessageBoxA

Sections

.text
Size: 330KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0a8a2bae1b83aaaeca742713f7f9bf9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 330KB - Virtual size: 336KB

.idata Size: 3KB - Virtual size: 3KB

.text
Size: 330KB - Virtual size: 336KB

.idata
Size: 3KB - Virtual size: 3KB