2024-05-24_553d9d3a0a05f8407153596d45d51496_megazord

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-24_553d9d3a0a05f8407153596d45d51496_megazord
Size

1.2MB
MD5

553d9d3a0a05f8407153596d45d51496
SHA1

65d9a92f96add516fb6dbf9251682ef3e10c00c0
SHA256

f338ed5b83ffeb9d2c79ad3016da6ddb3b02ee8cb2dd95149e7b1a81eaaa93c9
SHA512

9c2cde5b310d5e54a6a244e19b47e4c546b0326902c5209dbfb9050b67223cd3d6838c084ad43ee06b32fc56274fe1e3c6fa5c8232bd45fb5796c6b137db9c62
SSDEEP

24576:e2ur+HJlh0jygTLmpfF/YulbJb4nvH6X4u84KJ:eGHJlh0jygT814nvH6XI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-24_553d9d3a0a05f8407153596d45d51496_megazord

Files

2024-05-24_553d9d3a0a05f8407153596d45d51496_megazord
.exe windows:6 windows x64 arch:x64

c01366e91b7fbd2088ff09dc841bab7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\wezterm\wezterm\target\release\deps\strip_ansi_escapes.pdb

Imports

bcrypt

BCryptGenRandom

advapi32

SystemFunction036

kernel32

HeapSize
GetCurrentProcess
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
ReleaseSRWLockExclusive
CloseHandle
SetConsoleMode
GetConsoleMode
GetConsoleOutputCP
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetFileType
WriteFile
GetStdHandle
GetFileInformationByHandleEx
FreeEnvironmentStringsW
ReleaseMutex
FindClose
ReleaseSRWLockShared
GetLastError
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetCurrentThread
RtlCaptureContext
GetProcAddress
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetCommandLineW
FlushFileBuffers
SetFilePointerEx
GetCurrentProcessId
WaitForSingleObject
TerminateProcess
QueryPerformanceCounter
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetModuleHandleA
FindNextFileW
CreateFileW
GetModuleHandleW
FormatMessageW
GetModuleFileNameW
ExitProcess
MultiByteToWideChar
WriteConsoleW
WideCharToMultiByte
ReadConsoleW
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetStringTypeW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetCommandLineA
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
TlsFree
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RaiseException
RtlPcToFileHeader
RtlUnwindEx
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentThreadId
InitializeSListHead
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter

ntdll

NtWriteFile
NtReadFile
RtlNtStatusToDosError

Sections

.text
Size: 856KB - Virtual size: 856KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c01366e91b7fbd2088ff09dc841bab7f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bcrypt

advapi32

kernel32

ntdll

Sections

.text Size: 856KB - Virtual size: 856KB

.rdata Size: 302KB - Virtual size: 301KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 37KB - Virtual size: 36KB

_RDATA Size: 512B - Virtual size: 348B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 856KB - Virtual size: 856KB

.rdata
Size: 302KB - Virtual size: 301KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 37KB - Virtual size: 36KB

_RDATA
Size: 512B - Virtual size: 348B

.reloc
Size: 6KB - Virtual size: 5KB