2024-05-11_f21ffaba47528c9f08841a3d40da08df_megazord

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-11_f21ffaba47528c9f08841a3d40da08df_megazord
Size

8.0MB
MD5

f21ffaba47528c9f08841a3d40da08df
SHA1

9b0a0aa134ff22bf25f50a17ccb8d11652850174
SHA256

e10d3dc70c18110f7f415f61a06c082774315db9e91bcf31ff86c1dd5eb61913
SHA512

b393156890447efd3f138a4ced222532f028881d4c58fa0e04d2252387d5779566b314c7c8dc5240941b614485f64937c6ff8aeea214e93c8ffcef13e77fc510
SSDEEP

98304:w70sI2hahAX9qMmrK5bJVLzoEkpnP2qgFQo6wNZ0siveiS00d://SOnPcFQkX0NWS0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-11_f21ffaba47528c9f08841a3d40da08df_megazord

Files

2024-05-11_f21ffaba47528c9f08841a3d40da08df_megazord
.exe windows:6 windows x64 arch:x64

2810a4c2fcbd095718b3b20c2d8e0fd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\kadium\kadium\src-tauri\target\release\deps\kadium.pdb

Imports

kernel32

SetWaitableTimer
WaitForSingleObject
CreateWaitableTimerExW
MoveFileExW
SetFilePointerEx
GetQueuedCompletionStatusEx
FlushFileBuffers
AcquireSRWLockShared
ReleaseSRWLockShared
PostQueuedCompletionStatus
lstrlenW
CreateIoCompletionPort
SetFileCompletionNotificationModes
TryAcquireSRWLockExclusive
LoadLibraryExA
GetProcAddress
FreeLibrary
GetModuleHandleA
GetModuleHandleW
SetThreadStackGuarantee
AddVectoredExceptionHandler
GetLastError
QueryPerformanceCounter
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentThreadId
SleepConditionVariableSRW
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
RtlUnwindEx
RtlPcToFileHeader
Sleep
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
SwitchToThread
CloseHandle
LoadLibraryExW
HeapReAlloc
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
HeapAlloc
DeleteCriticalSection
GetProcessHeap
TryEnterCriticalSection
QueryPerformanceFrequency
WakeConditionVariable
GetCurrentThread
GetStdHandle
GetConsoleMode
LeaveCriticalSection
MultiByteToWideChar
WriteConsoleW
SetLastError
FormatMessageW
GetCurrentDirectoryW
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
CreateMutexA
ReleaseMutex
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
GetEnvironmentVariableW
SetEnvironmentVariableW
GetTempPathW
GetModuleFileNameW
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx
EnterCriticalSection
GetFullPathNameW
GetFinalPathNameByHandleW
CreateDirectoryW
FindFirstFileW
FindClose
InitializeCriticalSection
RaiseException
AreFileApisANSI
ReadFile
CreateThread
ExitProcess
GetSystemTimeAsFileTime
SetFileInformationByHandle
DuplicateHandle
SetHandleInformation
HeapCreate
WriteFile
LoadLibraryW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateMutexW
HeapFree
GetFileAttributesW
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
DeleteFileA
DeleteFileW
HeapCompact
HeapDestroy
UnlockFile
LocalFree
LockFileEx
GetFileSize
SystemTimeToFileTime
WideCharToMultiByte
GetSystemTime
FormatMessageA
GetCommandLineW
CreateFileMappingW
MapViewOfFile
GetTickCount
WakeAllConditionVariable
GetSystemInfo
LCIDToLocaleName
GetUserDefaultUILanguage
TlsFree

user32

SetMenuItemInfoW
AdjustWindowRectEx
RegisterWindowMessageA
GetClientRect
CheckMenuItem
EnableMenuItem
IsIconic
GetKeyboardState
GetAsyncKeyState
GetKeyState
IsWindowVisible
MonitorFromWindow
MonitorFromPoint
GetWindowLongPtrW
SetMenu
GetMenu
EnumDisplayMonitors
MapVirtualKeyExW
SetWindowDisplayAffinity
GetKeyboardLayout
ShowWindow
CreateAcceleratorTableW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
PostThreadMessageW
GetSystemMenu
SetWindowLongW
GetClipCursor
PostQuitMessage
GetMessageW
ClipCursor
ShowCursor
DispatchMessageW
SystemParametersInfoA
RedrawWindow
PeekMessageW
GetDC
CreateMenu
AppendMenuW
VkKeyScanW
TranslateMessage
MsgWaitForMultipleObjectsEx
PostMessageW
GetAncestor
TranslateAcceleratorW
ToUnicodeEx
CreateIcon
DestroyAcceleratorTable
DestroyIcon
GetForegroundWindow
CreateWindowExW
GetMessageA
SendInput
SetForegroundWindow
RegisterTouchWindow
GetSystemMetrics
IsWindow
RegisterClassExW
FlashWindowEx
GetActiveWindow
SetCursorPos
SendMessageW
InvalidateRgn
SetWindowPlacement
ChangeDisplaySettingsExW
GetUpdateRect
MapVirtualKeyW
ValidateRect
GetRawInputData
SetCursor
LoadCursorW
IsProcessDPIAware
SetWindowPos
GetMonitorInfoW
GetCursorPos
CloseTouchInputHandle
GetTouchInputInfo
ReleaseCapture
DestroyWindow
SetCapture
TrackMouseEvent
GetWindowPlacement
MonitorFromRect
GetWindowRect
ClientToScreen
GetWindowLongW
ScreenToClient
EnumChildWindows
DefWindowProcW
RegisterRawInputDevices
SetWindowLongPtrW
DispatchMessageA

comctl32

DefSubclassProc
RemoveWindowSubclass
TaskDialogIndirect
SetWindowSubclass

ole32

CoTaskMemFree
CoTaskMemAlloc
OleInitialize
CreateStreamOnHGlobal
RevokeDragDrop
CoCreateInstance
CoInitializeEx
CoUninitialize
RegisterDragDrop

shell32

DragFinish
DragQueryFileW
ShellExecuteW
SHAppBarMessage
SHGetKnownFolderPath

gdi32

GetDeviceCaps
DeleteObject
CreateRectRgn

dwmapi

DwmEnableBlurBehindWindow

crypt32

CertDuplicateCertificateContext
CertOpenStore
CertDuplicateStore
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertGetCertificateChain
CertDuplicateCertificateChain
CertFreeCertificateContext
CertCloseStore
CertFreeCertificateChain
CertVerifyCertificateChainPolicy

ws2_32

send
closesocket
setsockopt
getsockname
WSAGetLastError
getpeername
recv
shutdown
WSASocketW
ioctlsocket
WSAIoctl
bind
connect
getsockopt
getaddrinfo
freeaddrinfo
WSAStartup
WSACleanup
WSASend

ntdll

NtWriteFile
RtlGetNtVersionNumbers
NtReadFile
NtCreateFile
NtCancelIoFileEx
RtlNtStatusToDosError
NtDeviceIoControlFile

bcrypt

BCryptGenRandom

advapi32

SystemFunction036
RegQueryValueExW
EventRegister
EventSetInformation
EventWriteTransfer
EventUnregister
RegGetValueW
RegOpenKeyExW
RegCloseKey

secur32

FreeContextBuffer
DeleteSecurityContext
AcceptSecurityContext
InitializeSecurityContextW
ApplyControlToken
DecryptMessage
EncryptMessage
AcquireCredentialsHandleA
QueryContextAttributesW
FreeCredentialsHandle

uxtheme

SetWindowTheme

oleaut32

GetErrorInfo
SysStringLen
SysFreeString
SetErrorInfo

api-ms-win-crt-math-l1-1-0

floor
trunc
log
round
pow
__setusermatherr

api-ms-win-crt-string-l1-1-0

wcsncmp
_wcsicmp
strlen
wcslen
strcmp
strspn
strcpy_s
strcspn
strncmp

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
_msize
realloc
_set_new_mode
calloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-runtime-l1-1-0

_exit
_seh_filter_exe
__p___argc
_set_app_type
__p___argv
_configure_narrow_argv
_cexit
_initialize_narrow_environment
_get_initial_narrow_environment
exit
_c_exit
_initterm
_register_thread_local_exe_atexit_callback
_beginthreadex
_endthreadex
_initialize_onexit_table
_initterm_e
abort
terminate
_crt_atexit
_register_onexit_function

api-ms-win-crt-convert-l1-1-0

wcstol
_ultow_s

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2810a4c2fcbd095718b3b20c2d8e0fd0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

ole32

shell32

gdi32

dwmapi

crypt32

ws2_32

ntdll

bcrypt

advapi32

secur32

uxtheme

oleaut32

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 5.4MB - Virtual size: 5.4MB

.rdata Size: 2.4MB - Virtual size: 2.4MB

.data Size: 23KB - Virtual size: 35KB

.pdata Size: 115KB - Virtual size: 114KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 60KB - Virtual size: 59KB

.text
Size: 5.4MB - Virtual size: 5.4MB

.rdata
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 23KB - Virtual size: 35KB

.pdata
Size: 115KB - Virtual size: 114KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 60KB - Virtual size: 59KB