2024-06-01_41d220d4a6034a2f443dcf5a2a4d5d9d_megazord

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-01_41d220d4a6034a2f443dcf5a2a4d5d9d_megazord
Size

14.9MB
MD5

41d220d4a6034a2f443dcf5a2a4d5d9d
SHA1

9d1723896a7cedc6d6bdc803dc005b45a98a86d5
SHA256

74ea5fae7930a7b0e5b556bfaf2fb907cb1d970fda124564b1df97041f9ab62e
SHA512

163460f33ae3ddec122243f20db878e1dfaf9401710452f7050cc88e1c735560815cdd9ba832dcc1831a96c9e0d58e41162cc49328df90688fcf892ef1d96fa7
SSDEEP

196608:3h693Y4WmAFolifxgi/VdXR509Cwg4/ggJ6m:3s93Y4WmAFolifxFfh5cg4/ggL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-01_41d220d4a6034a2f443dcf5a2a4d5d9d_megazord

Files

2024-06-01_41d220d4a6034a2f443dcf5a2a4d5d9d_megazord
.exe windows:6 windows x64 arch:x64

78f68c2c37cdc693eedc2f8fa47bb9f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Frostbite\repos\dot-x\src-tauri\target\release\deps\dot_x.pdb

Imports

kernel32

FormatMessageW
LoadLibraryExW
VirtualQuery
GetComputerNameExW
LoadLibraryExA
GetCurrentThread
RtlLookupFunctionEntry
WaitForSingleObjectEx
GetCurrentProcessId
CreateMutexA
PostQueuedCompletionStatus
WaitForSingleObject
SetEvent
CreateEventW
FreeLibrary
SetFileCompletionNotificationModes
SetHandleInformation
CreateIoCompletionPort
GetCommState
GetProcAddress
ReadFile
WriteFile
CreateFileW
SetCommTimeouts
DuplicateHandle
FlushFileBuffers
EscapeCommFunction
GetCommModemStatus
ClearCommError
PurgeComm
SetCommBreak
ClearCommBreak
GetTempPathW
GetSystemTimeAsFileTime
CreateThread
WriteConsoleW
MultiByteToWideChar
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
CreateProcessW
GetWindowsDirectoryW
GetSystemDirectoryW
WaitForMultipleObjects
CreateNamedPipeW
GetFullPathNameW
ExitProcess
SetUnhandledExceptionFilter
LoadLibraryA
HeapFree
GetFinalPathNameByHandleW
CreateHardLinkW
K32GetProcessImageFileNameA
GetModuleHandleA
GetSystemInfo
CreateSymbolicLinkW
lstrlenW
GetCurrentProcess
SetFileTime
HeapAlloc
DeleteFileW
FindFirstFileW
CreateDirectoryW
FindNextFileW
GetUserDefaultUILanguage
LCIDToLocaleName
HeapReAlloc
LoadLibraryW
QueryPerformanceFrequency
WakeConditionVariable
WakeAllConditionVariable
GetProcessId
TerminateProcess
GetExitCodeProcess
ReadFileEx
SleepEx
WriteFileEx
SetFilePointerEx
SetFileInformationByHandle
GetCommandLineW
GetProcessHeap
SetEnvironmentVariableW
GetEnvironmentStringsW
GetCurrentDirectoryW
SetLastError
QueryPerformanceCounter
SwitchToThread
SetThreadStackGuarantee
AddVectoredExceptionHandler
CompareStringOrdinal
DeleteProcThreadAttributeList
FindClose
FreeEnvironmentStringsW
MoveFileExW
SetFileAttributesW
GetQueuedCompletionStatusEx
CancelIo
RtlCaptureContext
GetFileInformationByHandle
GetOverlappedResult
SleepConditionVariableSRW
QueryFullProcessImageNameW
OpenProcess
GetLastError
CreateMutexW
ReleaseMutex
AcquireSRWLockShared
CloseHandle
ReleaseSRWLockShared
TlsFree
GetCurrentThreadId
TryAcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetUserDefaultLocaleName
GetFileAttributesW
GetModuleFileNameW
OutputDebugStringA
OutputDebugStringW
ResetEvent
InitializeSListHead
RtlVirtualUnwind
IsDebuggerPresent
GetModuleHandleW
GetEnvironmentVariableW
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
UnhandledExceptionFilter
Sleep
IsProcessorFeaturePresent
GetStdHandle
GetConsoleMode
GetFileInformationByHandleEx
RtlUnwindEx
RtlPcToFileHeader
RaiseException
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
ReleaseSRWLockExclusive
SetCommState
AcquireSRWLockExclusive

user32

TrackPopupMenu
SetForegroundWindow
RegisterTouchWindow
GetSystemMetrics
PostQuitMessage
SendInput
AppendMenuW
CreatePopupMenu
CreateMenu
SetMenuItemInfoW
SetWindowDisplayAffinity
GetMenu
ShowCursor
ClipCursor
GetClipCursor
SetWindowLongW
GetSystemMenu
ShowWindow
CheckMenuItem
EnableMenuItem
SystemParametersInfoA
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
RegisterWindowMessageA
GetForegroundWindow
EnumDisplayMonitors
MonitorFromPoint
SetWindowTextW
EnumChildWindows
GetWindowTextLengthW
DestroyIcon
GetKeyboardLayout
DestroyAcceleratorTable
CreateAcceleratorTableW
SetMenu
DestroyWindow
DefWindowProcW
GetDC
FindWindowW
RegisterClassExW
SendMessageW
ValidateRect
PostThreadMessageW
PeekMessageW
MapVirtualKeyW
GetUpdateRect
RegisterClassW
GetMessageW
GetAncestor
GetKeyState
IsProcessDPIAware
AdjustWindowRectEx
GetClientRect
GetKeyboardState
TranslateAcceleratorW
PostMessageW
IsWindow
IsWindowVisible
TranslateMessage
CreateWindowExW
DispatchMessageW
GetActiveWindow
SetCursorPos
InvalidateRgn
SetWindowPos
ClientToScreen
FlashWindowEx
ReleaseCapture
GetAsyncKeyState
MapVirtualKeyExW
GetCursorPos
VkKeyScanW
MonitorFromRect
IsIconic
RedrawWindow
TrackMouseEvent
GetWindowLongW
GetTouchInputInfo
ScreenToClient
CloseTouchInputHandle
MonitorFromWindow
SetCursor
GetMonitorInfoW
ChangeDisplaySettingsExW
SetWindowPlacement
GetWindowPlacement
LoadCursorW
GetRawInputData
CreateIcon
ToUnicodeEx
GetMessageA
DispatchMessageA
SetCapture
SetWindowLongPtrW
GetWindowLongPtrW
GetWindowRect
GetGUIThreadInfo
GetWindowThreadProcessId
GetWindowTextW

gdi32

DeleteObject
CreateRectRgn
GetDeviceCaps

dwmapi

DwmEnableBlurBehindWindow
DwmSetWindowAttribute
DwmExtendFrameIntoClientArea

ole32

CoTaskMemAlloc
OleInitialize
RegisterDragDrop
CoCreateGuid
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
RevokeDragDrop

comctl32

SetWindowSubclass
DefSubclassProc
RemoveWindowSubclass
TaskDialogIndirect

shell32

SHGetKnownFolderPath
DragQueryFileW
DragFinish
SHAppBarMessage
Shell_NotifyIconW
Shell_NotifyIconGetRect

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
EventRegister
SystemFunction036
RegQueryValueExW
RegGetValueW
EventUnregister
EventWriteTransfer
EventSetInformation

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

oleaut32

SysStringLen
GetErrorInfo
SetErrorInfo
SysFreeString

ws2_32

WSAIoctl
accept
WSASend
WSARecv
ioctlsocket
socket
recv
shutdown
closesocket
connect
WSAGetLastError
getaddrinfo
listen
freeaddrinfo
WSACleanup
WSAStartup
setsockopt
send
getsockopt
WSASocketW
getpeername
getsockname
bind

dbghelp

MiniDumpWriteDump

psapi

GetModuleFileNameExW
GetModuleInformation
EnumProcessModules

secur32

ApplyControlToken
EncryptMessage
AcquireCredentialsHandleA
InitializeSecurityContextW
DeleteSecurityContext
AcceptSecurityContext
FreeContextBuffer
FreeCredentialsHandle
DecryptMessage
QueryContextAttributesW

crypt32

CertEnumCertificatesInStore
CertFreeCertificateChain
CertDuplicateCertificateChain
CertOpenStore
CertCloseStore
CertGetCertificateChain
CertFreeCertificateContext
CertDuplicateCertificateContext
CertVerifyCertificateChainPolicy
CertAddCertificateContextToStore
CertDuplicateStore

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiClassGuidsFromNameA
SetupDiDestroyDeviceInfoList
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

winmm

midiOutUnprepareHeader
midiOutShortMsg
midiOutPrepareHeader
midiOutClose
midiOutReset
midiOutOpen
midiOutMessage
midiOutGetNumDevs
midiOutGetDevCapsW
midiOutLongMsg

uxtheme

SetWindowTheme

ntdll

NtReadFile
RtlNtStatusToDosError
NtWriteFile
RtlGetNtVersionNumbers
NtCreateFile
RtlGetVersion
NtDeviceIoControlFile
NtCancelIoFileEx

bcrypt

BCryptGenRandom

api-ms-win-crt-string-l1-1-0

strlen
wcsncmp
strcpy_s
wcslen
_wcsicmp

api-ms-win-crt-math-l1-1-0

round
pow
ceil
trunc
floor
__setusermatherr

api-ms-win-crt-runtime-l1-1-0

_exit
exit
_initterm_e
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__p___argc
_set_app_type
__p___argv
abort
_seh_filter_exe
_invoke_watson
terminate
_crt_atexit
_register_onexit_function
_initialize_onexit_table
signal
_cexit
_set_invalid_parameter_handler
_initterm
_register_thread_local_exe_atexit_callback
_c_exit

api-ms-win-crt-convert-l1-1-0

wcstol
_ultow_s

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
malloc
_callnewh
calloc

Sections

.text
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 507KB - Virtual size: 506KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78f68c2c37cdc693eedc2f8fa47bb9f7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

dwmapi

ole32

comctl32

shell32

advapi32

version

oleaut32

ws2_32

dbghelp

psapi

secur32

crypt32

setupapi

winmm

uxtheme

ntdll

bcrypt

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 8.9MB - Virtual size: 8.9MB

.rdata Size: 5.5MB - Virtual size: 5.5MB

.data Size: 14KB - Virtual size: 18KB

.pdata Size: 507KB - Virtual size: 506KB

.eh_fram Size: 512B - Virtual size: 88B

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 59KB - Virtual size: 59KB

.text
Size: 8.9MB - Virtual size: 8.9MB

.rdata
Size: 5.5MB - Virtual size: 5.5MB

.data
Size: 14KB - Virtual size: 18KB

.pdata
Size: 507KB - Virtual size: 506KB

.eh_fram
Size: 512B - Virtual size: 88B

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 59KB - Virtual size: 59KB