Kraken_Compress
Kraken_Decompress
Static task
static1
1 signatures
General
-
Target
red4-conflicts.exe
-
Size
165.6MB
-
MD5
91ff68c0bc7d44f37fba548a240959dd
-
SHA1
d5cdd395e12bd0fd8a55047e33bf19b86cf9d0e8
-
SHA256
f2ca9c7ae08b0157b7fb39dfade635fd7a3dcb9679e1f0f15402b8c5a6f77e17
-
SHA512
c9e24b9f26a5896ec2a5e975a7a59b113bcce9e5111a29c367019f71d2d808843d4416b066cf3ac93b75aeb726cff6e15edc3488072a25fdc2cc49f09f0b3a46
-
SSDEEP
196608:JB9j5yJBhGZWZDZyZ9LALmLQL2YpLunXnTnXndn2S04m1gefeie+eYe4YVF1tetT:JB6JIg1ogtSwCc86xj6WGrD
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource red4-conflicts.exe
Files
-
red4-conflicts.exe.exe windows:6 windows x64 arch:x64
e5310071fccbd7f1235d226c14d904a0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GlobalLock
Sleep
SetThreadErrorMode
GetModuleFileNameW
FreeLibrary
LoadLibraryW
GetCurrentThreadId
GlobalSize
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
LoadLibraryA
CloseHandle
InitializeSListHead
LoadLibraryExW
FormatMessageW
GetSystemTimeAsFileTime
CreateThread
WriteConsoleW
ReleaseSRWLockExclusive
GetFileAttributesW
CreateProcessW
GetWindowsDirectoryW
GetSystemDirectoryW
CreateNamedPipeW
GetProcAddress
GetFullPathNameW
ExitProcess
GetModuleHandleW
lstrlenW
GetConsoleMode
GlobalAlloc
GlobalFree
MultiByteToWideChar
GlobalUnlock
GetModuleHandleA
FreeEnvironmentStringsW
ReleaseMutex
FindClose
ReleaseSRWLockShared
CompareStringOrdinal
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
AcquireSRWLockExclusive
DuplicateHandle
SetFilePointerEx
IsProcessorFeaturePresent
FindFirstFileW
CreateDirectoryW
GetFileInformationByHandleEx
GetFileInformationByHandle
CreateFileW
FindNextFileW
GetStdHandle
GetCurrentProcessId
CreateMutexA
WaitForSingleObjectEx
WriteFileEx
SleepEx
ReadFileEx
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
TryAcquireSRWLockExclusive
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
GetProcessHeap
HeapFree
AcquireSRWLockShared
HeapReAlloc
ole32
OleInitialize
RegisterDragDrop
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
RevokeDragDrop
user32
GetMenu
MonitorFromRect
IsProcessDPIAware
CreateIcon
DestroyIcon
AdjustWindowRectEx
GetWindowLongW
EnableMenuItem
GetSystemMenu
SetWindowLongW
ShowWindow
SetForegroundWindow
SendInput
MapVirtualKeyW
SetWindowTextW
GetRawInputData
TrackMouseEvent
LoadCursorW
SetCursor
GetTouchInputInfo
RedrawWindow
ReleaseDC
CloseTouchInputHandle
ScreenToClient
MonitorFromPoint
GetKeyState
GetKeyboardState
GetCursorPos
EnumDisplayMonitors
MonitorFromWindow
PostMessageW
PeekMessageW
GetMonitorInfoW
TranslateMessage
IsIconic
ClipCursor
GetClipCursor
ShowCursor
GetWindowRect
SetCapture
SetWindowPos
MsgWaitForMultipleObjectsEx
GetClientRect
RegisterWindowMessageA
RegisterRawInputDevices
InvalidateRgn
RegisterClipboardFormatW
GetKeyboardLayout
SetClipboardData
CloseClipboard
EmptyClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
ToUnicodeEx
ClientToScreen
SystemParametersInfoA
DispatchMessageW
GetClassInfoExW
GetClassNameW
DestroyWindow
GetUpdateRect
DefWindowProcW
GetDC
PostThreadMessageW
ValidateRect
SetWindowLongPtrW
SetWindowDisplayAffinity
GetWindowLongPtrW
RegisterTouchWindow
CreateIconFromResourceEx
SendMessageW
GetSystemMetrics
SetWindowPlacement
GetWindowPlacement
ChangeDisplaySettingsExW
CreateWindowExW
RegisterClassExW
GetMessageW
MapVirtualKeyA
FlashWindowEx
GetForegroundWindow
GetActiveWindow
ReleaseCapture
shell32
DragQueryFileW
SHCreateItemFromParsingName
DragFinish
SHGetKnownFolderPath
gdi32
ChoosePixelFormat
DescribePixelFormat
SwapBuffers
DeleteObject
SetPixelFormat
CreateRectRgn
GetDeviceCaps
dwmapi
DwmEnableBlurBehindWindow
opengl32
wglMakeCurrent
wglShareLists
wglDeleteContext
wglGetCurrentContext
wglGetCurrentDC
wglGetProcAddress
wglCreateContext
shlwapi
AssocQueryStringW
winmm
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
imm32
ImmSetCandidateWindow
ImmGetCompositionStringW
ImmGetContext
ImmReleaseContext
ImmAssociateContextEx
uxtheme
SetWindowTheme
advapi32
SystemFunction036
ntdll
NtReadFile
RtlNtStatusToDosError
NtWriteFile
bcrypt
BCryptGenRandom
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
vcruntime140
__C_specific_handler
_CxxThrowException
memcpy
__CxxFrameHandler3
memset
memmove
memcmp
__current_exception_context
__std_exception_copy
__std_exception_destroy
__current_exception
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
__stdio_common_vfprintf
__acrt_iob_func
api-ms-win-crt-heap-l1-1-0
_set_new_mode
free
_callnewh
malloc
api-ms-win-crt-runtime-l1-1-0
_set_app_type
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_crt_atexit
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
exit
_wassert
_invalid_parameter_noinfo_noreturn
terminate
__p___argc
__p___argv
_seh_filter_exe
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_register_onexit_function
api-ms-win-crt-math-l1-1-0
floor
trunc
roundf
floorf
ceilf
truncf
round
expf
sinf
cos
sin
ceil
powf
__setusermatherr
_hypotf
exp2f
cosf
cbrtf
acosf
atan2f
api-ms-win-crt-string-l1-1-0
strlen
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Exports
Exports
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 163.4MB - Virtual size: 163.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ