2024-05-15_c83b685462854232e5e3f8d83e9a3186_megazord

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-15_c83b685462854232e5e3f8d83e9a3186_megazord
Size

9.1MB
MD5

c83b685462854232e5e3f8d83e9a3186
SHA1

53c457930c699758b0eaa1b2b49b840b8a7a78fa
SHA256

7edf3759bb9437fac9bc2d459d6303622d3b2bb098f7d94c4f60ece3dee31e45
SHA512

398a285ba7a432fb889a4044ec6485d62c862a56dfdf963f2217d874e7e5c54df7407fc914cd15fac00171b2dfd3c71d6659801abd39f3fda086be6a6742ced3
SSDEEP

98304:xkNZpUheXFn1x9SlwZiwGjB1b+2i+KfNTfAKhzAAF/2QZro8rmHAc4O010ipd1zM:9KfNTfJZSHAcCld

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-15_c83b685462854232e5e3f8d83e9a3186_megazord

Files

2024-05-15_c83b685462854232e5e3f8d83e9a3186_megazord
.exe windows:6 windows x64 arch:x64

cb2bfaf80b3fa2b9f8dd18d09f6a45c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\AMIN AMIR\Documents\GitHub\finelauncher\src-tauri\target\release\deps\finelauncher.pdb

Imports

user32

SetWindowPlacement
TrackMouseEvent
MonitorFromRect
SetWindowPos
ClientToScreen
DispatchMessageA
GetMessageA
GetWindowPlacement
GetTouchInputInfo
PeekMessageW
VkKeyScanW
GetAsyncKeyState
GetKeyboardState
TrackPopupMenu
GetClientRect
GetWindowLongW
PostQuitMessage
AppendMenuW
CreatePopupMenu
CreateMenu
CheckMenuItem
SetMenuItemInfoW
ChangeDisplaySettingsExW
EnableMenuItem
GetSystemMenu
ShowWindow
SetWindowLongW
SendMessageW
InvalidateRgn
FlashWindowEx
GetUpdateRect
LoadCursorW
CreateAcceleratorTableW
DestroyAcceleratorTable
SendInput
CloseTouchInputHandle
SetForegroundWindow
ValidateRect
IsWindow
CreateWindowExW
DefWindowProcW
DestroyWindow
RedrawWindow
PostThreadMessageW
GetCursorPos
PostMessageW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
SetWindowDisplayAffinity
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
MonitorFromPoint
EnumDisplayMonitors
IsProcessDPIAware
GetDC
MonitorFromWindow
SystemParametersInfoA
GetWindowLongPtrW
IsWindowVisible
ClipCursor
GetClipCursor
ShowCursor
AdjustWindowRectEx
GetMenu
GetWindowRect
ToUnicodeEx
GetKeyState
MapVirtualKeyExW
GetKeyboardLayout
DestroyIcon
CreateIcon
GetRawInputData
SetCapture
SetWindowLongPtrW
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
RegisterClassExW
RegisterWindowMessageA
RegisterClassW
EnumChildWindows
GetAncestor
SetCursor
GetMessageW
ScreenToClient
SetCursorPos
GetForegroundWindow
GetActiveWindow
IsIconic
SetMenu
ReleaseCapture
MapVirtualKeyW
RegisterTouchWindow
GetSystemMetrics
GetMonitorInfoW

comctl32

RemoveWindowSubclass
DefSubclassProc
SetWindowSubclass

kernel32

WriteConsoleW
MultiByteToWideChar
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
CreateProcessW
GetWindowsDirectoryW
GetSystemDirectoryW
ReadFileEx
CreateNamedPipeW
GetFullPathNameW
ExitProcess
GetTempPathW
CreateEventW
GetFinalPathNameByHandleW
GetFileAttributesW
GetModuleFileNameW
GetLastError
OutputDebugStringA
OutputDebugStringW
CreateThread
WaitForSingleObjectEx
LoadLibraryExW
LoadLibraryA
CreateMutexA
FreeLibrary
GetCurrentThread
GetProcessHeap
HeapFree
HeapAlloc
SetEvent
WaitForSingleObject
DeleteFileW
FormatMessageW
FindFirstFileW
CreateDirectoryW
Sleep
GetStdHandle
GetConsoleMode
GetFileInformationByHandleEx
GetFileInformationByHandle
SleepConditionVariableSRW
CreateFileW
FindClose
FindNextFileW
ReleaseMutex
HeapReAlloc
LCIDToLocaleName
GetUserDefaultUILanguage
QueryPerformanceFrequency
WakeConditionVariable
GetUserDefaultLocaleName
GetNativeSystemInfo
GetSystemInfo
GetProcAddress
GetModuleHandleA
TryAcquireSRWLockExclusive
lstrlenW
GetEnvironmentVariableW
GetSystemTimeAsFileTime
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
InitializeSListHead
IsDebuggerPresent
RtlUnwindEx
WakeAllConditionVariable
RtlPcToFileHeader
RaiseException
EncodePointer
TerminateProcess
GetExitCodeProcess
TlsAlloc
RtlUnwind
TlsGetValue
TlsSetValue
CloseHandle
SleepEx
ReleaseSRWLockShared
AcquireSRWLockShared
WriteFileEx
GetCurrentProcessId
SetFilePointerEx
DuplicateHandle
SetFileInformationByHandle
GetCommandLineW
GetCurrentThreadId
GetCurrentProcess
SetHandleInformation
SetEnvironmentVariableW
GetEnvironmentStringsW
GetCurrentDirectoryW
SetLastError
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
QueryPerformanceCounter
SetWaitableTimer
CreateWaitableTimerExW
SwitchToThread
SetThreadStackGuarantee
AddVectoredExceptionHandler
CompareStringOrdinal
CreateIoCompletionPort
DeleteProcThreadAttributeList
GetQueuedCompletionStatusEx
FreeEnvironmentStringsW
PostQueuedCompletionStatus
TlsFree
SetFileCompletionNotificationModes

ole32

CoUninitialize
CoCreateInstance
RegisterDragDrop
CreateStreamOnHGlobal
OleInitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
RevokeDragDrop

shell32

SHGetKnownFolderPath
SHAppBarMessage
Shell_NotifyIconW
DragQueryFileW
DragFinish
Shell_NotifyIconGetRect

gdi32

GetDeviceCaps
CreateRectRgn
DeleteObject

dwmapi

DwmEnableBlurBehindWindow

advapi32

EventRegister
SystemFunction036
EventSetInformation
EventWriteTransfer
RegOpenKeyExW
RegQueryValueExW
EventUnregister
RegGetValueW
RegCloseKey

uxtheme

SetWindowTheme

oleaut32

GetErrorInfo
SysFreeString
SysStringLen
SetErrorInfo

ws2_32

closesocket
getaddrinfo
getpeername
WSAStartup
freeaddrinfo
getsockname
WSASocketW
bind
connect
ioctlsocket
getsockopt
shutdown
recv
send
WSASend
setsockopt
WSAIoctl
WSAGetLastError
WSACleanup

secur32

FreeContextBuffer
DecryptMessage
ApplyControlToken
InitializeSecurityContextW
AcceptSecurityContext
FreeCredentialsHandle
AcquireCredentialsHandleA
QueryContextAttributesW
DeleteSecurityContext
EncryptMessage

crypt32

CertOpenStore
CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CertDuplicateCertificateContext
CertVerifyCertificateChainPolicy
CertDuplicateStore
CertDuplicateCertificateChain
CertGetCertificateChain
CertFreeCertificateChain
CertEnumCertificatesInStore

ntdll

NtCancelIoFileEx
NtDeviceIoControlFile
RtlNtStatusToDosError
NtWriteFile
NtReadFile
NtCreateFile

bcrypt

BCryptGenRandom

api-ms-win-crt-math-l1-1-0

floor
pow
round
trunc
__setusermatherr

api-ms-win-crt-string-l1-1-0

wcslen
strcpy_s
strlen
wcsncmp
_wcsicmp

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
_callnewh
calloc
malloc

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
_configure_narrow_argv
_exit
exit
_c_exit
abort
_seh_filter_exe
terminate
_initterm_e
_initterm
_get_initial_narrow_environment
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_set_app_type
_cexit
_register_thread_local_exe_atexit_callback
_initialize_narrow_environment

api-ms-win-crt-convert-l1-1-0

_ultow_s
wcstol

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb2bfaf80b3fa2b9f8dd18d09f6a45c9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

ole32

shell32

gdi32

dwmapi

advapi32

uxtheme

oleaut32

ws2_32

secur32

crypt32

ntdll

bcrypt

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 5.3MB - Virtual size: 5.3MB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: 16KB - Virtual size: 28KB

.pdata Size: 265KB - Virtual size: 264KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 62KB - Virtual size: 61KB

.reloc Size: 31KB - Virtual size: 30KB

.text
Size: 5.3MB - Virtual size: 5.3MB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: 16KB - Virtual size: 28KB

.pdata
Size: 265KB - Virtual size: 264KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 62KB - Virtual size: 61KB

.reloc
Size: 31KB - Virtual size: 30KB