2024-05-14_4a819a051e650f5880db15b4fc0b9a84_megazord

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-14_4a819a051e650f5880db15b4fc0b9a84_megazord
Size

10.0MB
MD5

4a819a051e650f5880db15b4fc0b9a84
SHA1

b09adf0ab923c19709697884db8efe560de7747f
SHA256

47c7bae5431dc1bf8038a96e2fdc9a944f4a392998930918a341d46945fa9446
SHA512

91cc6a6462eed3f95d8fe9fff0305fbcf5805000aaba95ade72f4888ad4481d62e99821eecbe9d8630d6ab36ff46e2c6bd03cec2d17744bf15cf58a5e00f1230
SSDEEP

98304:tTw1kCUwYC9u+6ybfuekzvdpffpeE+STeBMTRG7:tkaCc+EeOJc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-14_4a819a051e650f5880db15b4fc0b9a84_megazord

Files

2024-05-14_4a819a051e650f5880db15b4fc0b9a84_megazord
.exe windows:6 windows x64 arch:x64

f4f91ba262822a60a6478075a62195c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Main\Downloads\meteorite-launcher-main\meteorite-launcher-main\src-tauri\target\release\deps\app.pdb

Imports

ntdll

RtlVirtualUnwind
RtlPcToFileHeader
RtlUnwindEx
RtlGetNtVersionNumbers
RtlUnwind
NtReadFile
RtlLookupFunctionEntry
RtlCaptureContext
NtCreateFile
NtDeviceIoControlFile
RtlNtStatusToDosError
NtCancelIoFileEx
NtWriteFile

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTimeAsFileTime
AcquireSRWLockShared
TlsAlloc
LoadLibraryA
ReleaseSRWLockShared
TryAcquireSRWLockExclusive
GetProcAddress
GetSystemInfo
CloseHandle
GetTempPathW
TlsSetValue
TlsGetValue
CreateThread
WriteConsoleW
MultiByteToWideChar
GetCurrentThreadId
CreateProcessW
GetWindowsDirectoryW
GetSystemDirectoryW
CreateNamedPipeW
lstrlenW
ExitProcess
CreateEventW
CopyFileExW
GetUserDefaultUILanguage
GetFinalPathNameByHandleW
GetModuleHandleA
RemoveDirectoryW
MoveFileExW
DeleteFileW
FindFirstFileW
CreateDirectoryW
GlobalLock
GlobalUnlock
CreateFileW
FindNextFileW
GlobalAlloc
CreateMutexA
WaitForSingleObjectEx
HeapReAlloc
WakeConditionVariable
WakeAllConditionVariable
GetProcessId
GetFileAttributesW
GetModuleFileNameW
GetLastError
OutputDebugStringA
OutputDebugStringW
LCIDToLocaleName
GetFullPathNameW
LoadLibraryW
GetModuleHandleW
LoadLibraryExW
EncodePointer
FreeLibrary
GetEnvironmentVariableW
TerminateProcess
GetExitCodeProcess
ReadFileEx
SleepEx
WriteFileEx
SetFilePointerEx
GetProcessHeap
HeapAlloc
SetFileInformationByHandle
HeapFree
FormatMessageW
SetEvent
WaitForSingleObject
SleepConditionVariableSRW
GetCommandLineW
AcquireSRWLockExclusive
SetEnvironmentVariableW
GetEnvironmentStringsW
GetCurrentDirectoryW
SetLastError
GetCurrentThread
SwitchToThread
SetThreadStackGuarantee
AddVectoredExceptionHandler
SetHandleInformation
CompareStringOrdinal
GetCurrentProcessId
FindClose
ReleaseMutex
FreeEnvironmentStringsW
ReleaseSRWLockExclusive
GetFileInformationByHandle
CreateIoCompletionPort
GetQueuedCompletionStatusEx
UnhandledExceptionFilter
PostQueuedCompletionStatus
SetUnhandledExceptionFilter
SetFileCompletionNotificationModes
IsProcessorFeaturePresent
GetStdHandle
GetConsoleMode
GetFileInformationByHandleEx
Sleep
CreatePipe
GetCurrentProcess
DuplicateHandle
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
InitializeSListHead
IsDebuggerPresent
TlsFree

ws2_32

getaddrinfo
getpeername
select
getsockname
WSASocketW
bind
connect
ioctlsocket
getsockopt
shutdown
recv
freeaddrinfo
WSACleanup
WSAStartup
WSASend
setsockopt
WSAIoctl
WSAGetLastError
closesocket
send

secur32

InitializeSecurityContextW
QueryContextAttributesW
AcquireCredentialsHandleA
FreeCredentialsHandle
AcceptSecurityContext
FreeContextBuffer
DecryptMessage
EncryptMessage
DeleteSecurityContext
ApplyControlToken

crypt32

CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetCertificateChain
CertCloseStore
CertDuplicateCertificateChain
CertDuplicateStore
CertOpenStore
CertAddCertificateContextToStore
CertFreeCertificateChain
CertVerifyCertificateChainPolicy

user32

GetClientRect
GetWindowLongW
GetTouchInputInfo
MessageBoxW
ScreenToClient
DispatchMessageA
GetMessageA
DestroyWindow
SetCursor
TrackMouseEvent
SetClipboardData
RegisterClipboardFormatW
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
ToUnicodeEx
CreateAcceleratorTableW
SetForegroundWindow
SetWindowTextW
GetSystemMenu
SetWindowLongW
IsProcessDPIAware
GetDC
PostQuitMessage
SendInput
GetMonitorInfoW
ShowWindow
AppendMenuW
MonitorFromRect
CheckMenuItem
SetMenuItemInfoW
EnableMenuItem
MonitorFromPoint
EnumDisplayMonitors
CloseTouchInputHandle
UnregisterHotKey
RegisterHotKey
GetRawInputData
IsWindowVisible
ClipCursor
GetClipCursor
ShowCursor
LoadCursorW
SetWindowPos
AdjustWindowRectEx
ReleaseCapture
GetWindowRect
GetUpdateRect
GetWindowLongPtrW
SetWindowDisplayAffinity
GetMenu
ClientToScreen
SetMenu
GetForegroundWindow
PostThreadMessageW
SystemParametersInfoA
ValidateRect
GetActiveWindow
VkKeyScanW
MapVirtualKeyExW
GetKeyState
GetAsyncKeyState
GetKeyboardState
SendMessageW
DestroyAcceleratorTable
DestroyIcon
DispatchMessageW
TranslateMessage
CreateIcon
SetCapture
SetWindowLongPtrW
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
GetKeyboardLayout
RegisterClassExW
RegisterWindowMessageA
PeekMessageW
MonitorFromWindow
EnumChildWindows
GetCursorPos
RedrawWindow
GetWindowPlacement
SetWindowPlacement
ChangeDisplaySettingsExW
FlashWindowEx
DefWindowProcW
TranslateAcceleratorW
GetAncestor
GetMessageW
MapVirtualKeyW
PostMessageW
CreateMenu
RegisterTouchWindow
GetSystemMetrics
IsWindow
CreateWindowExW
InvalidateRgn
SetCursorPos

comctl32

SetWindowSubclass
RemoveWindowSubclass
DefSubclassProc

ole32

CoTaskMemAlloc
CoTaskMemFree
OleInitialize
RevokeDragDrop
CoInitializeEx
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
RegisterDragDrop

gdi32

CreateRectRgn
GetDeviceCaps
DeleteObject

dwmapi

DwmEnableBlurBehindWindow

advapi32

SystemFunction036
RegGetValueW
EventSetInformation
RegOpenKeyExW
RegQueryValueExW
EventUnregister
EventWriteTransfer
RegCloseKey
EventRegister

shell32

DragQueryFileW
ShellExecuteW
DragFinish
SHGetKnownFolderPath
SHCreateItemFromParsingName

uxtheme

SetWindowTheme

oleaut32

SysStringLen
SysFreeString
GetErrorInfo
SetErrorInfo

bcrypt

BCryptGenRandom

api-ms-win-crt-math-l1-1-0

round
floor
__setusermatherr
trunc

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc
_callnewh
_set_new_mode

api-ms-win-crt-string-l1-1-0

_wcsicmp
wcslen
strcpy_s
wcsncmp

api-ms-win-crt-convert-l1-1-0

_ultow_s
wcstol

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_configure_narrow_argv
_seh_filter_exe
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
abort
__p___argc
terminate
__p___argv
_cexit
_crt_atexit
_register_onexit_function
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 388KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4f91ba262822a60a6478075a62195c5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

ws2_32

secur32

crypt32

user32

comctl32

ole32

gdi32

dwmapi

advapi32

shell32

uxtheme

oleaut32

bcrypt

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 6.5MB - Virtual size: 6.5MB

.rdata Size: 3.0MB - Virtual size: 3.0MB

.data Size: 15KB - Virtual size: 19KB

.pdata Size: 388KB - Virtual size: 387KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 35KB - Virtual size: 34KB

.text
Size: 6.5MB - Virtual size: 6.5MB

.rdata
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 15KB - Virtual size: 19KB

.pdata
Size: 388KB - Virtual size: 387KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 35KB - Virtual size: 34KB