2024-05-30_450d7ca1a6ee1e6549d3cdf5865f7025_megazord

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-30_450d7ca1a6ee1e6549d3cdf5865f7025_megazord
Size

57.9MB
MD5

450d7ca1a6ee1e6549d3cdf5865f7025
SHA1

d72b3aa59b210e83c44a0607fe9ccdae0cfc4378
SHA256

71814ad512ce4e731601cc755bcf31b7c4a024d292a98de449a47fff9a4495f0
SHA512

ad380fda9aa70571f2d605b58a1489c3cc9c23fcbf8dbac0dda7f8959ff348c8a07fd87683e652523e9f1951c66b89964c5596a9a801b798ddeb85a06a1caa32
SSDEEP

393216:dnFpusYE4dnDY85ZuuziwVyNX4xrucp8i9nKlQlz4liXUxCGZHa93Whlw6Zf8EIa:DpusYRNvx9ptkCm8EArVlOhNMe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-30_450d7ca1a6ee1e6549d3cdf5865f7025_megazord

Files

2024-05-30_450d7ca1a6ee1e6549d3cdf5865f7025_megazord
.exe windows:6 windows x64 arch:x64

9cd55af9ba948da7138abab932566801

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\deno\deno\target\release\deps\deno.pdb

Imports

kernel32

SleepConditionVariableSRW
GlobalUnlock
GetACP
LoadLibraryExW
GetProcAddress
IsValidCodePage
GetCurrentProcessId
SetCurrentDirectoryW
FindClose
GetStringTypeW
WriteConsoleInputW
PeekConsoleInputW
FlushConsoleInputBuffer
SetEnvironmentVariableW
WakeAllConditionVariable
TerminateProcess
GetConsoleScreenBufferInfo
CreateToolhelp32Snapshot
Process32First
Process32Next
GetFileSizeEx
SetErrorMode
SetThreadErrorMode
LoadLibraryW
FormatMessageW
CreatePipe
RemoveVectoredExceptionHandler
CreateEventA
FreeLibrary
SetFileTime
ReleaseSRWLockShared
AcquireSRWLockShared
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
TryAcquireSRWLockExclusive
ReadFile
GetOverlappedResult
WriteFile
CancelIoEx
GetUserDefaultLCID
SetFileCompletionNotificationModes
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
GetCommandLineA
GetCPInfo
GetModuleHandleExW
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
CreateSemaphoreW
WaitForSingleObjectEx
CreateFileW
CancelIo
ReadDirectoryChangesW
ReleaseSemaphore
GetSystemInfo
Sleep
GetModuleHandleA
SetFileInformationByHandle
GetFileInformationByHandleEx
WakeConditionVariable
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
LeaveCriticalSection
GetConsoleCursorInfo
SetConsoleCursorInfo
ReadConsoleInputW
FreeLibraryAndExitThread
ExitThread
GlobalLock
GlobalSize
WideCharToMultiByte
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetFileInformationByHandle
SetConsoleCursorPosition
EncodePointer
InterlockedPushEntrySList
TlsGetValue
TlsSetValue
SetLastError
GetCurrentDirectoryW
LoadLibraryA
CreateMutexA
ReleaseMutex
GetEnvironmentVariableW
RtlLookupFunctionEntry
GetEnvironmentStringsW
GetModuleHandleW
GetTempPathW
GetModuleFileNameW
GetCommandLineW
SetFilePointerEx
DeviceIoControl
GetFullPathNameW
FlushFileBuffers
GetFinalPathNameByHandleW
FindNextFileW
CreateDirectoryW
ReadConsoleW
WriteConsoleW
SetConsoleMode
EnterCriticalSection
RtlUnwindEx
RaiseException
RtlPcToFileHeader
GetStartupInfoW
SetHandleInformation
InitializeSListHead
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
CreateNamedPipeW
CreateEventW
WaitForMultipleObjects
ExitProcess
TryEnterCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCurrentThread
RtlCaptureContext
FindFirstFileW
DeleteFileW
MoveFileExW
RemoveDirectoryW
CreateSymbolicLinkW
CreateHardLinkW
SetFileAttributesW
CopyFileExW
CreateThread
ResetEvent
SetEvent
RegisterWaitForSingleObject
UnregisterWaitEx
GetProcessId
UnlockFile
SetConsoleTextAttribute
LockFileEx
GetDiskFreeSpaceA
GetSystemTimes
GlobalMemoryStatusEx
GetVersionExA
InitializeCriticalSectionAndSpinCount
GetTickCount
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
SystemTimeToFileTime
GetFileSize
LocalFree
HeapDestroy
HeapCompact
DeleteFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetTempPathA
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateMutexW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
AreFileApisANSI
DeleteCriticalSection
GetCurrentThreadId
RtlVirtualUnwind
GetLocaleInfoEx
IsProcessorFeaturePresent
GetTimeZoneInformation
GetTempFileNameA
GetFileType
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
IsDebuggerPresent
TlsAlloc
TlsFree
VirtualQuery
TryAcquireSRWLockShared
QueryThreadCycleTime
GetThreadPriority
SetThreadPriority
VirtualProtect
RtlAddFunctionTable
RtlDeleteFunctionTable
FreeEnvironmentStringsW
DuplicateHandle
GetCurrentProcess
GetExitCodeProcess
InitOnceExecuteOnce
FlsAlloc
FlsGetValue
FlsSetValue
SetUnhandledExceptionFilter
WaitForSingleObject
OpenProcess
GetOEMCP
lstrlenW
RtlCaptureStackBackTrace
FindFirstFileExW
CloseHandle
SwitchToThread
GetHandleInformation
SetStdHandle
GetNativeSystemInfo
GetDynamicTimeZoneInformation
GetUserGeoID
GetGeoInfoW
CreateFileA
GetStdHandle
InitializeConditionVariable
OpenThread
SuspendThread
GetThreadContext
ResumeThread
CreateSemaphoreA
ResolveLocaleName
GetCurrencyFormatEx
GetNumberFormatEx
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDateFormatEx
GetTimeFormatEx
UnhandledExceptionFilter
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetLastError
SetThreadStackGuarantee
InitializeCriticalSection
AddVectoredExceptionHandler
RtlUnwind

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

user32

MapVirtualKeyW
CloseClipboard
OpenClipboard
GetClipboardData

ws2_32

WSASocketW
freeaddrinfo
WSAStartup
recvfrom
sendto
send
recv
getsockopt
shutdown
connect
bind
ioctlsocket
socket
WSAIoctl
WSACleanup
getsockname
getpeername
WSAGetLastError
setsockopt
WSASend
closesocket
listen
accept
getaddrinfo

iphlpapi

GetAdaptersAddresses

bcrypt

BCryptGenRandom

advapi32

EventSetInformation
EventRegister
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
SystemFunction036
RegCloseKey
EventWriteTransfer

ntdll

NtDeviceIoControlFile
RtlNtStatusToDosError
NtCancelIoFileEx
NtCreateFile

crypt32

CertOpenStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertCloseStore

d3dcompiler_47

D3DCompile

winmm

timeGetTime

dbghelp

StackWalk64
SymGetSearchPathW
SymFunctionTableAccess64
SymGetModuleBase64
SymSetSearchPathW
SymSetOptions
SymInitialize
SymGetLineFromAddr64
SymFromAddr

Exports

Exports

CrashForExceptionInNonABICompliantCodeRange

Sections

.text
Size: 32.0MB - Virtual size: 32.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22.8MB - Virtual size: 22.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cd55af9ba948da7138abab932566801

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

ole32

user32

ws2_32

iphlpapi

bcrypt

advapi32

ntdll

crypt32

d3dcompiler_47

winmm

dbghelp

Exports

Exports

Sections

.text Size: 32.0MB - Virtual size: 32.0MB

.rdata Size: 22.8MB - Virtual size: 22.8MB

.data Size: 135KB - Virtual size: 252KB

.pdata Size: 1.2MB - Virtual size: 1.2MB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 188KB - Virtual size: 187KB

.text
Size: 32.0MB - Virtual size: 32.0MB

.rdata
Size: 22.8MB - Virtual size: 22.8MB

.data
Size: 135KB - Virtual size: 252KB

.pdata
Size: 1.2MB - Virtual size: 1.2MB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 188KB - Virtual size: 187KB