D:\a\wezterm\wezterm\target\release\deps\strip_ansi_escapes.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-26_2b20ac629481cfe3f4d8918ff0e810b3_megazord.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 2024-06-26_2b20ac629481cfe3f4d8918ff0e810b3_megazord.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-06-26_2b20ac629481cfe3f4d8918ff0e810b3_megazord
Size: 1.2MB
MD5: 2b20ac629481cfe3f4d8918ff0e810b3
SHA1: 8378d054064b198a74deb1f06b5dcba5a2769b44
SHA256: c231ccf072f32e9ab6e339f5b7ffc20d9c23a3bc3febd99ccdd9dc6b03d99083
SHA512: 748ca5841a2db17af9a1938ee5b10f4a414111c366d8a8f50c9f7f3a4500e9533b974fca24dee572f85c334b4b02b16fcc101ff1341950d11074ee2759c53feb
SSDEEP: 24576:nmQY+5qPTTkOdXA2MwVtAv3px/z7g912M8:5YmObMGtAv3j/zs1b
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-06-26_2b20ac629481cfe3f4d8918ff0e810b3_megazord
Files
2024-06-26_2b20ac629481cfe3f4d8918ff0e810b3_megazord.exe windows:6 windows x64 arch:x64
7616228dc30982892a566058f835aa05
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
bcrypt
BCryptGenRandom
advapi32
SystemFunction036
kernel32
GetModuleFileNameW
CloseHandle
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
TryAcquireSRWLockExclusive
GetConsoleMode
SetConsoleMode
GetConsoleOutputCP
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetCurrentProcess
GetFileType
WriteFile
FreeEnvironmentStringsW
GetLastError
AddVectoredExceptionHandler
SetThreadStackGuarantee
WaitForSingleObject
QueryPerformanceCounter
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetCommandLineW
FlushFileBuffers
SetFilePointerEx
GetStdHandle
GetCurrentProcessId
TerminateProcess
HeapFree
HeapReAlloc
AcquireSRWLockShared
ReleaseSRWLockShared
ReleaseMutex
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
FindNextFileW
FindClose
CreateFileW
GetFileInformationByHandleEx
GetModuleHandleW
FormatMessageW
ExitProcess
MultiByteToWideChar
WriteConsoleW
WideCharToMultiByte
ReadConsoleW
GetCurrentThread
GetSystemTimeAsFileTime
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
HeapSize
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetStringTypeW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetCommandLineA
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
ntdll
RtlNtStatusToDosError
NtReadFile
NtWriteFile
Sections
.text Size: 856KB - Virtual size: 855KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 301KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ