2024-06-14_9f67c047ab56c0c9923a2b8aa0eef683_megazord

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-14_9f67c047ab56c0c9923a2b8aa0eef683_megazord
Size

55.4MB
MD5

9f67c047ab56c0c9923a2b8aa0eef683
SHA1

4762622b9ab911541b791792faf621513395a4f0
SHA256

2523a78d0ccb78504f90e3059985ff345f592dd2db36bc05098658de912d16ce
SHA512

a8013a93801624c8ccdb2293fe315af4be58d188fb03445c2aa54d8e7b738b31069ff198a445a5cad89f51c1fd988062347640126dee76f1da594b4e103f2541
SSDEEP

393216:ebss/rM/c6XyZEmysNl9LlBr/H3BPsCpYKlQ3TliXUxR0rHa93WhlU6ttINU7Hlv:ebBoNrkzf3NX9QbcHlXf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-14_9f67c047ab56c0c9923a2b8aa0eef683_megazord

Files

2024-06-14_9f67c047ab56c0c9923a2b8aa0eef683_megazord
.exe windows:6 windows x64 arch:x64

d7a65eae71e573473c08d0912157c65e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\deno\deno\target\release\deps\deno.pdb

Imports

kernel32

ReleaseSRWLockShared
WakeAllConditionVariable
SleepConditionVariableSRW
GlobalUnlock
GetACP
LoadLibraryExW
GetProcAddress
IsValidCodePage
GetCurrentProcessId
GetStringTypeW
WriteConsoleInputW
PeekConsoleInputW
FlushConsoleInputBuffer
FindClose
SetCurrentDirectoryW
AcquireSRWLockShared
SetEnvironmentVariableW
GetEnvironmentStringsW
FreeEnvironmentStringsW
TerminateProcess
RegisterWaitForSingleObject
UnregisterWaitEx
CompareStringOrdinal
GetConsoleScreenBufferInfo
CreateToolhelp32Snapshot
Process32First
Process32Next
GetFileSizeEx
SetErrorMode
SetThreadErrorMode
LoadLibraryW
FormatMessageW
RemoveVectoredExceptionHandler
CreateEventA
FreeLibrary
SetFileTime
GetConsoleMode
GetFileInformationByHandleEx
LeaveCriticalSection
GetConsoleOutputCP
EnumSystemLocalesW
TryAcquireSRWLockExclusive
ReadFile
GetOverlappedResult
WriteFile
CancelIoEx
GetUserDefaultLCID
SetFileCompletionNotificationModes
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
GetCommandLineA
GetCPInfo
GetModuleHandleExW
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
CreateSemaphoreW
WaitForSingleObjectEx
CreateFileW
CancelIo
ReadDirectoryChangesW
ReleaseSemaphore
GetSystemInfo
Sleep
GetModuleHandleA
SetFileInformationByHandle
FreeLibraryAndExitThread
SetConsoleCursorPosition
WakeConditionVariable
GetConsoleCursorInfo
SetConsoleCursorInfo
ReadConsoleInputW
ExitThread
EncodePointer
GlobalLock
GlobalSize
WideCharToMultiByte
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetFileInformationByHandle
SetConsoleMode
TlsGetValue
TlsSetValue
SetLastError
GetCurrentDirectoryW
LoadLibraryA
CreateMutexA
GetCurrentProcess
ReleaseMutex
GetEnvironmentVariableW
RtlLookupFunctionEntry
GetModuleHandleW
GetTempPathW
GetModuleFileNameW
GetCommandLineW
SetFilePointerEx
DeviceIoControl
GetFullPathNameW
FlushFileBuffers
DuplicateHandle
GetFinalPathNameByHandleW
FindNextFileW
CreateDirectoryW
UnlockFile
WriteConsoleW
InitializeCriticalSection
EnterCriticalSection
InterlockedPushEntrySList
RtlUnwindEx
RaiseException
RtlPcToFileHeader
SetHandleInformation
GetStartupInfoW
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
CreateNamedPipeW
CreateEventW
WaitForMultipleObjects
ExitProcess
TryEnterCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCurrentThread
RtlCaptureContext
FindFirstFileW
DeleteFileW
MoveFileExW
RemoveDirectoryW
CreateSymbolicLinkW
CreateHardLinkW
SetFileAttributesW
CopyFileExW
CreateThread
InitializeSListHead
ResetEvent
SetEvent
GetProcessId
LockFileEx
SetConsoleTextAttribute
GetExitCodeProcess
GetDiskFreeSpaceA
GetSystemTimes
GlobalMemoryStatusEx
GetVersionExA
InitializeCriticalSectionAndSpinCount
GetTickCount
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
SystemTimeToFileTime
GetFileSize
LocalFree
HeapDestroy
HeapCompact
DeleteFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetTempPathA
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateMutexW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
AreFileApisANSI
DeleteCriticalSection
GetCurrentThreadId
RtlVirtualUnwind
GetLocaleInfoEx
IsProcessorFeaturePresent
GetTimeZoneInformation
GetTempFileNameA
GetFileType
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
IsDebuggerPresent
TlsAlloc
TlsFree
TryAcquireSRWLockShared
QueryThreadCycleTime
GetThreadPriority
SetThreadPriority
VirtualProtect
RtlAddFunctionTable
RtlDeleteFunctionTable
WaitForSingleObject
OpenProcess
GetOEMCP
lstrlenW
InitOnceExecuteOnce
FlsAlloc
FlsGetValue
FlsSetValue
SetUnhandledExceptionFilter
FindFirstFileExW
CloseHandle
SwitchToThread
GetHandleInformation
RtlCaptureStackBackTrace
SetStdHandle
CreateFileA
GetStdHandle
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetNativeSystemInfo
GetDynamicTimeZoneInformation
GetUserGeoID
GetGeoInfoW
GetLastError
SetThreadStackGuarantee
InitializeConditionVariable
OpenThread
SuspendThread
GetThreadContext
ResumeThread
CreateSemaphoreA
ResolveLocaleName
GetCurrencyFormatEx
GetNumberFormatEx
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDateFormatEx
GetTimeFormatEx
UnhandledExceptionFilter
AddVectoredExceptionHandler
HeapReAlloc
HeapFree
GetProcessHeap
ReadConsoleW
HeapAlloc
RtlUnwind

crypt32

CertCloseStore
CertFreeCertificateContext
CertOpenStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertGetEnhancedKeyUsage

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

user32

MapVirtualKeyW
GetClipboardData
OpenClipboard
CloseClipboard

ws2_32

freeaddrinfo
WSAStartup
WSASend
recvfrom
sendto
send
bind
WSACleanup
shutdown
connect
accept
ioctlsocket
socket
WSAIoctl
recv
getsockname
getaddrinfo
WSAGetLastError
setsockopt
listen
closesocket
getsockopt
getpeername
WSASocketW

iphlpapi

GetAdaptersAddresses

bcrypt

BCryptGenRandom

advapi32

SystemFunction036
EventSetInformation
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
EventWriteTransfer
EventRegister
RegCloseKey

ntdll

NtCreateFile
NtCancelIoFileEx
RtlNtStatusToDosError
NtDeviceIoControlFile

d3dcompiler_47

D3DCompile

winmm

timeGetTime

dbghelp

SymGetModuleBase64
SymFunctionTableAccess64
SymSetOptions
SymInitialize
SymSetSearchPathW
SymGetSearchPathW
SymFromAddr
SymGetLineFromAddr64
StackWalk64

Exports

Exports

CrashForExceptionInNonABICompliantCodeRange

Sections

.text
Size: 31.3MB - Virtual size: 31.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21.9MB - Virtual size: 21.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7a65eae71e573473c08d0912157c65e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

crypt32

shell32

ole32

user32

ws2_32

iphlpapi

bcrypt

advapi32

ntdll

d3dcompiler_47

winmm

dbghelp

Exports

Exports

Sections

.text Size: 31.3MB - Virtual size: 31.3MB

.rdata Size: 21.9MB - Virtual size: 21.9MB

.data Size: 135KB - Virtual size: 259KB

.pdata Size: 1.2MB - Virtual size: 1.2MB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 186KB - Virtual size: 186KB

.text
Size: 31.3MB - Virtual size: 31.3MB

.rdata
Size: 21.9MB - Virtual size: 21.9MB

.data
Size: 135KB - Virtual size: 259KB

.pdata
Size: 1.2MB - Virtual size: 1.2MB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 186KB - Virtual size: 186KB