Static task
static1
General
Target: The-BEST-Roblox-PC-Executer-Is-Released-KEYLES-772861 (1).zip
Size: 17.4MB
MD5: 4d2919c373302a40d82c80292661c95f
SHA1: 3b6c7a39876c6a3723213bd79f97a9f7e1fd5a1a
SHA256: e9591e6c786857060069f3c31cae00f81bfb7eb36b9467357b9381f0a6820420
SHA512: 328cb8e70805435a3f9a7af884f3cdc9a81e9cab144e1f45939506b1799974677f164b04e15380bf6606e9a8939363350aa9911f8d9308baa0e86e4ab0df2ebd
SSDEEP: 393216:YGVhN/LbnlG6+HciSCYOtMpQYCq4YJuO/W0SlUVx:FhN/Q6sSstoQ3SuO/WNlKx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/App_02029.exe
Files
The-BEST-Roblox-PC-Executer-Is-Released-KEYLES-772861 (1).zip.zip
App_02029.exe.exe windows:6 windows x86 arch:x86
d8359e6572c0fb9f719d599358e232e9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetUnhandledExceptionFilter
DuplicateHandle
GetConsoleOutputCP
GetCurrentProcess
InterlockedPushEntrySList
LocalFree
GetCurrentThread
SetPriorityClass
GetCPInfo
GetLogicalProcessorInformation
CreateThread
FreeLibraryAndExitThread
GlobalAlloc
ReadConsoleW
GetLocaleInfoW
UnregisterWait
EnterCriticalSection
FlushFileBuffers
GetEnvironmentVariableA
FileTimeToSystemTime
DeleteTimerQueueTimer
LoadLibraryExW
FreeLibrary
GetDriveTypeW
HeapReAlloc
VerSetConditionMask
ExitThread
RegisterWaitForSingleObject
SetEvent
GetModuleFileNameW
RemoveDirectoryW
IsValidLocale
SwitchToThread
CreateDirectoryW
FormatMessageW
GetCommandLineA
ReleaseSemaphore
TryEnterCriticalSection
lstrlenA
TlsSetValue
InitializeCriticalSection
GetFileSize
TlsFree
ChangeTimerQueueTimer
GetFullPathNameW
GetCurrentThreadId
WriteFile
GetModuleHandleA
QueryPerformanceCounter
WriteConsoleW
GetVersionExW
IsValidCodePage
Sleep
SystemTimeToTzSpecificLocalTime
GetCommandLineW
VirtualAlloc
PeekNamedPipe
GlobalUnlock
GetLogicalDriveStringsW
SetFilePointer
UnhandledExceptionFilter
SetStdHandle
AcquireSRWLockExclusive
GetFileAttributesExW
GetTickCount64
CreateEventW
CompareFileTime
SetFilePointerEx
DeleteCriticalSection
RaiseException
GetProcessHeap
InterlockedFlushSList
FindNextFileW
LeaveCriticalSection
WideCharToMultiByte
GlobalLock
FreeEnvironmentStringsW
TerminateProcess
GetThreadTimes
SetEnvironmentVariableW
GetSystemTimeAsFileTime
VerifyVersionInfoW
GetNumaHighestNodeNumber
SleepEx
TlsAlloc
GetCurrentDirectoryW
ResetEvent
SignalObjectAndWait
FileTimeToLocalFileTime
GetConsoleMode
EncodePointer
FindFirstFileW
InitializeSListHead
SetEndOfFile
InitializeCriticalSectionEx
GlobalMemoryStatus
GetDateFormatW
InterlockedPopEntrySList
CreateSemaphoreW
SetLastError
GetFileSizeEx
GetVersion
HeapSize
FindFirstFileExW
SetThreadAffinityMask
IsProcessorFeaturePresent
GetFileAttributesW
CloseHandle
DecodePointer
SetFileAttributesW
ExitProcess
InitializeCriticalSectionAndSpinCount
VirtualProtect
LoadLibraryW
GetOEMCP
lstrcatA
LCMapStringW
GetProcAddress
DeleteFileW
GetModuleHandleExW
QueryDepthSList
GetCurrentProcessId
GetACP
GetThreadPriority
EnumSystemLocalesW
GetLastError
FindClose
GetStdHandle
MultiByteToWideChar
GetTimeFormatW
GetSystemDirectoryW
ReadFile
GlobalFree
WaitForMultipleObjects
TlsGetValue
GetSystemInfo
CreateTimerQueue
MoveFileW
GetFileType
GetFileInformationByHandle
GetTimeZoneInformation
GetStringTypeW
CreateFileW
GetModuleHandleW
GetEnvironmentStringsW
IsDebuggerPresent
GetStartupInfoW
SetThreadPriority
HeapAlloc
ReleaseSRWLockExclusive
UnregisterWaitEx
QueryPerformanceFrequency
MoveFileExW
RtlUnwind
CompareStringW
WaitForSingleObjectEx
GetProcessAffinityMask
SetFileTime
GetTickCount
WaitForSingleObject
GetUserDefaultLCID
CreateTimerQueueTimer
HeapFree
VirtualFree
user32
GetParent
SetTimer
MoveWindow
CheckDlgButton
GetKeyState
ShowWindow
CloseClipboard
DialogBoxParamW
GetMonitorInfoA
GetWindowTextW
GetWindowTextLengthW
GetFocus
GetWindowLongW
SetWindowTextW
SetFocus
IsDlgButtonChecked
LoadIconW
SendMessageW
GetWindowRect
MessageBoxA
EndDialog
MonitorFromWindow
InvalidateRect
ScreenToClient
CharUpperW
wsprintfA
PostMessageW
KillTimer
SetWindowLongW
LoadStringW
EmptyClipboard
SetCursor
SystemParametersInfoW
EnableWindow
SetDlgItemTextW
OpenClipboard
MessageBoxW
LoadCursorW
MapDialogRect
SetClipboardData
GetDlgItem
advapi32
CryptGetHashParam
CryptHashData
CloseServiceHandle
CryptEncrypt
CryptImportKey
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW
CryptDestroyKey
shell32
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHGetFileInfoW
ole32
OleInitialize
CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance
oleaut32
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SysStringLen
bcrypt
BCryptGenRandom
crypt32
CertGetCertificateChain
CertFreeCertificateChainEngine
PFXImportCertStore
CertFindCertificateInStore
CertAddCertificateContextToStore
CryptStringToBinaryW
CertGetNameStringW
CertCloseStore
CertOpenStore
CertFreeCertificateChain
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateContext
CertFindExtension
CryptDecodeObjectEx
CertEnumCertificatesInStore
wldap32
ord73
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord145
ord219
ord46
ord14
ord216
ord208
ord41
ord117
ord26
ord27
ws2_32
recvfrom
sendto
getpeername
ioctlsocket
gethostname
freeaddrinfo
WSAEventSelect
getsockopt
send
WSAResetEvent
WSACloseEvent
WSAEnumNetworkEvents
socket
WSAIoctl
WSACreateEvent
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
htons
setsockopt
WSAWaitForMultipleEvents
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
getaddrinfo
Sections
.text Size: 6.7MB - Virtual size: 6.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 275KB - Virtual size: 275KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ