SpectralSlash[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SpectralSlash.exe
Size

4.2MB
MD5

d8f903d18e5bcfdabdfe5db046713e3f
SHA1

39c9b846dec4c742d5b90f77b00ebf1b859dec12
SHA256

93cc2e8a31611e87d910a7362f857e04a0d11d8e444e1689ec762a6678c0061e
SHA512

6b37c1fe556a65bf92ca0b0d4c70a324aea7ea7051a2d8431846072bf860a8f5ddc636955100e006162f7999033dee1ab62b56065749eb6ce9444f54b1553a09
SSDEEP

49152:jT5tIX8QXN4nNwV/St7S4fG51K1UcROvWu9+8wT3rnL2YI08w4S6sVv9U4G2ksNR:jlZwxeXfG51KGcK9+8wjrLvMwk1Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SpectralSlash.exe

Files

SpectralSlash.exe
.exe windows x86

b03d23a27daa7fe411f0a54d18141cfa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

love

love_codename
love_version
?luax_resume@love@@YAHPAUlua_State@@H@Z
love_openConsole
luaopen_love

lua51

lua_pushcclosure
lua_pushstring
lua_tolstring
lua_tonumber
lua_pushboolean
lua_getfield
lua_createtable
lua_type
lua_isnumber
lua_pushvalue
lua_settop
lua_gettop
lua_newthread
lua_close
lua_setfield
lua_rawseti
lua_call
luaL_openlibs
luaL_newstate

msvcp120

?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

msvcr120

_crt_debugger_hook
_except_handler4_common
_commode
_fmode
_acmdln
_initterm
__crtUnhandledException
__crtTerminateProcess
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
printf
memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e

sdl2

SDL_ShowSimpleMessageBox
SDL_SetMainReady

kernel32

WideCharToMultiByte
VirtualFree
VirtualAlloc
GetCommandLineW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b03d23a27daa7fe411f0a54d18141cfa

Headers

DLL Characteristics

File Characteristics

Imports

love

lua51

msvcp120

msvcr120

sdl2

kernel32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 370KB - Virtual size: 370KB

.reloc Size: 1024B - Virtual size: 768B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 370KB - Virtual size: 370KB

.reloc
Size: 1024B - Virtual size: 768B