AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Static task
static1
1 signatures
General
-
Target
Astral Ascent.exe
-
Size
127.8MB
-
MD5
f0835b8d3ab044bfd525cb5f4de946f1
-
SHA1
eee8c091ec4ef9a892c06d2f0f3aa54c3c4687ea
-
SHA256
d96f5204d6d9d2ab9c0d2bb801ae6bf6958d329e3f83e7d4cc2016c7028002dd
-
SHA512
53a713340b4109b03e5db33cc87586c2c295ce22268886a1c7e66656ee1ae13e5fb660fcb2e9eccd93f04d5f9fc6b3832a7c9b5b33933afe9c47e27a0076a0d9
-
SSDEEP
393216:nnfqyVOnCTZB8bNJuS1QSjl6SCATOKO/25OM3qGbFeUXbJMLzy4I13p+BeuGybY2:fq/CtSbD17UU+nvy8JL
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Astral Ascent.exe
Files
-
Astral Ascent.exe.exe windows:6 windows x64 arch:x64
12f3961ab550b21ac493c68a6ed01d6d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
d3d11
D3D11CreateDevice
winmm
waveInPrepareHeader
waveInClose
waveInOpen
waveInGetDevCapsW
waveInGetNumDevs
waveOutReset
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveOutGetErrorTextW
waveOutGetDevCapsW
waveOutGetNumDevs
timeEndPeriod
timeBeginPeriod
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveOutWrite
user32
EmptyClipboard
GetClipboardData
TrackMouseEvent
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageExtraInfo
PostMessageW
DefWindowProcW
SystemParametersInfoW
SystemParametersInfoA
DrawTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
PostThreadMessageW
GetRawInputDeviceList
GetRawInputDeviceInfoA
GetDesktopWindow
SetWindowRgn
MonitorFromWindow
MonitorFromRect
CreateIconFromResource
SetClipboardData
SetWindowsHookExW
GetWindowThreadProcessId
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
IntersectRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RemovePropW
SetPropW
SetForegroundWindow
SetActiveWindow
GetFocus
SetFocus
FlashWindowEx
SetLayeredWindowAttributes
ShowWindow
CreateWindowExW
RegisterClassW
AttachThreadInput
SendMessageW
RegisterRawInputDevices
CreateIconIndirect
CopyImage
LoadCursorW
CloseClipboard
SetCursorPos
ReleaseCapture
SetCapture
CallWindowProcW
OpenClipboard
UnregisterClassW
RegisterClassExW
GetClassInfoExW
SetWindowPos
IsIconic
GetKeyState
GetAsyncKeyState
SetTimer
KillTimer
GetSystemMetrics
GetMenu
MessageBoxA
UnhookWindowsHookEx
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ReleaseDC
GetDC
MapVirtualKeyW
ToUnicode
GetKeyboardState
GetKeyboardLayout
IsClipboardFormatAvailable
GetClipboardSequenceNumber
DestroyWindow
CreateWindowExA
RegisterClassExA
UnregisterClassA
UnregisterDeviceNotification
RegisterDeviceNotificationW
GetDoubleClickTime
RegisterWindowMessageA
GetRawInputData
DestroyIcon
LoadIconW
CallNextHookEx
GetWindowLongW
IsRectEmpty
ClipCursor
ScreenToClient
ClientToScreen
GetClipCursor
GetCursorPos
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetPropW
ValidateRect
InvalidateRect
GetUpdateRect
GetForegroundWindow
gdi32
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject
GetTextMetricsW
GetTextExtentPoint32A
CreateFontIndirectW
BitBlt
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateRectRgn
CombineRgn
SetDeviceGammaRamp
GetDeviceGammaRamp
GetICMProfileW
CreateBitmap
GetDIBits
GetDeviceCaps
CreateDCW
CreateCompatibleBitmap
CreateDIBSection
imm32
ImmGetContext
ImmReleaseContext
ImmAssociateContextEx
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetIMEFileNameA
ImmAssociateContext
ImmGetCompositionStringW
ImmGetCandidateListW
ImmSetCompositionStringW
ImmNotifyIME
ole32
CoCreateInstance
CLSIDFromString
PropVariantClear
CoUninitialize
CoTaskMemFree
CoInitializeEx
oleaut32
SysFreeString
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
advapi32
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegQueryValueExW
setupapi
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
CM_Get_Device_IDA
CM_Locate_DevNodeA
CM_Get_Parent
shell32
SHGetFolderPathW
ShellExecuteA
SHGetKnownFolderPath
DragQueryFileW
DragFinish
ExtractIconExW
DragAcceptFiles
ShellExecuteW
CommandLineToArgvW
kernel32
InitializeCriticalSectionEx
WakeConditionVariable
InitializeConditionVariable
TryAcquireSRWLockExclusive
GetExitCodeThread
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetModuleHandleExW
CompareStringA
LoadLibraryExW
TlsSetValue
TlsGetValue
TlsAlloc
GetACP
CreateEventW
CancelIo
GetOverlappedResult
DeviceIoControl
VerSetConditionMask
IsDebuggerPresent
SetEnvironmentVariableA
GetEnvironmentVariableA
CreateSemaphoreW
InitializeCriticalSectionAndSpinCount
Process32Next
Process32First
CreateToolhelp32Snapshot
GlobalMemoryStatusEx
TerminateProcess
ExitProcess
GetCurrentProcess
SetThreadExecutionState
MulDiv
GetModuleHandleW
GetModuleFileNameW
SetErrorMode
SetFilePointerEx
GetFileSizeEx
RaiseException
AreFileApisANSI
ReadFile
HeapCreate
HeapFree
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlPcToFileHeader
RtlUnwindEx
RtlUnwind
TlsFree
ExitThread
FreeLibraryAndExitThread
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetEnvironmentVariableW
GetCurrentDirectoryW
SetConsoleCtrlHandler
GetStdHandle
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
SetStdHandle
GetConsoleOutputCP
GetTimeZoneInformation
GetSystemPowerStatus
IsValidCodePage
UnlockFileEx
GetTempPathW
CreateMutexW
CreateFileW
GetFileAttributesW
GetVersionExW
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
OutputDebugStringW
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
VerifyVersionInfoW
CreateEventA
FlushViewOfFile
CreateFileA
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSize
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetSystemTimeAsFileTime
CreateFileMappingW
EnterCriticalSection
LeaveCriticalSection
Sleep
CloseHandle
InitializeCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ReleaseSemaphore
WaitForSingleObjectEx
WriteConsoleW
CreateSemaphoreA
SetThreadPriority
AllocConsole
GetLocaleInfoA
GetUserDefaultUILanguage
GetLastError
WaitForSingleObject
CreateThread
GetCurrentThread
GetCurrentThreadId
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameW
LocalFree
FormatMessageA
FormatMessageW
ResetEvent
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemTime
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
SetWaitableTimer
SwitchToThread
CreateWaitableTimerA
FlushFileBuffers
GetTickCount
MapViewOfFile
ws2_32
shutdown
freeaddrinfo
getaddrinfo
WSAGetLastError
socket
WSAStartup
send
recv
ioctlsocket
connect
closesocket
Exports
Exports
Sections
.text Size: 58.7MB - Virtual size: 58.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44.0MB - Virtual size: 44.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18.3MB - Virtual size: 45.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rodata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ