C:\Users\hecker\Desktop\Bloxshade-main\bloxshade\build\start.pdb
Static task
static1
1 signatures
General
-
Target
Bloxshade.zip
-
Size
3.8MB
-
MD5
892ab5d430eb2c41cf2ccdd08ce2579b
-
SHA1
3c7582817e93df6e01fac2fbf7874addeb0bbaf1
-
SHA256
1eeb56a6a924ec87ae42f5f1d7f7a6d0c45c97bffe4745fb71db863e84d4a919
-
SHA512
6c0376cb1827c5fd23084cf1ae0ce0a82970ef5adf3acf7c9bb6be9bcc370c6d2551ee5c265ae029b1e67cb9c23c092bfde1e5033e96edf2ea1f4c6cc3c28667
-
SSDEEP
98304:LLseGdefn0MyR5UofAwdAGO9CYoNmhM+tbkMPfTsgN1:LYeOYn0HR5UofAw/O2N/gsg3
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Setup - Bloxshade.exe
Files
-
Bloxshade.zip.zip
-
Setup - Bloxshade.exe.exe windows:6 windows x64 arch:x64
86143e9d266266935fa6298f3fd08d76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
SizeofResource
WaitForSingleObject
FreeResource
LockResource
CloseHandle
LoadResource
FindResourceW
CreateProcessW
WinExec
SetEndOfFile
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
LocalFree
FormatMessageA
GetLocaleInfoEx
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetFileInformationByHandle
AreFileApisANSI
GetLastError
GetModuleHandleW
GetProcAddress
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleExW
HeapAlloc
HeapSize
HeapValidate
GetSystemInfo
ExitProcess
GetStdHandle
WriteFile
GetFileType
OutputDebugStringW
WriteConsoleW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapFree
HeapReAlloc
HeapQueryInformation
GetProcessHeap
ReadFile
ReadConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
RtlUnwind
user32
MessageBoxW
shell32
ord680
Sections
.text Size: 395KB - Virtual size: 394KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 8.2MB - Virtual size: 8.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ