2024-07-03_a3e0f79e82f9c726a1002c677c288597_megazord

Sharing

Copy URL

Twitter E-mail

General

Target

2024-07-03_a3e0f79e82f9c726a1002c677c288597_megazord
Size

22.4MB
MD5

a3e0f79e82f9c726a1002c677c288597
SHA1

7d48f2e2f3e4b3c09f1e5d761b7a36447dcf5f38
SHA256

ee05b3a830db87fc30c6602f9f99d863e388d1e666a5302cd9a1b65a3f5fc30a
SHA512

800a67cce1a5303676aad556341f326669daac2ee6a6c2b5901bc720a5c84684b0a656df6b67baaacf830c1bb7e3729096ef0a84cf44a3eb48bcda341c1576d2
SSDEEP

196608:D4U8WnkKgfjSF9uZCQM6FPE5N/YIGQMenk6D90v36d1G/zWEe1/aHNc6gRYTM9zX:sWnkKgfjSFgZCQM6FPEkIr9o+Tq/cr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-03_a3e0f79e82f9c726a1002c677c288597_megazord

Files

2024-07-03_a3e0f79e82f9c726a1002c677c288597_megazord
.exe windows:6 windows x64 arch:x64

03836cdfea064abdc1006ae1cd671f78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\dev\tauri-music\src-tauri\target\release\deps\music.pdb

Imports

kernel32

CloseHandle
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCurrentThreadId
GetModuleHandleW
TryAcquireSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
SleepConditionVariableSRW
WaitForSingleObject
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
GetConsoleMode
GetFileInformationByHandleEx
CreateFileW
SetConsoleMode
GetLastError
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetSystemInfo
CreateFileMappingW
VirtualAlloc
VirtualFree
UnmapViewOfFile
MapViewOfFileEx
LocalFree
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
MapViewOfFile
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
FreeLibrary
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
HeapReAlloc
DeleteFileW
DeleteFileA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
Sleep
MultiByteToWideChar
HeapSize
HeapValidate
GetFileAttributesW
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
lstrlenW
GetUserDefaultUILanguage
LCIDToLocaleName
LoadLibraryExA
CreateEventW
SetEvent
GetModuleFileNameW
LoadLibraryExW
GetEnvironmentVariableW
GetFileInformationByHandle
GetModuleHandleA
RtlVirtualUnwind
SetHandleInformation
PostQueuedCompletionStatus
CreateIoCompletionPort
GetQueuedCompletionStatusEx
SetFileCompletionNotificationModes
GetTimeZoneInformationForYear
FreeEnvironmentStringsW
DeleteProcThreadAttributeList
CompareStringOrdinal
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
RtlCaptureContext
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
SetEnvironmentVariableW
GetCommandLineW
SetFileInformationByHandle
SetFilePointerEx
WriteFileEx
SleepEx
GetExitCodeProcess
TerminateProcess
GetProcessId
WakeAllConditionVariable
WakeConditionVariable
QueryPerformanceFrequency
ReleaseMutex
FindNextFileW
FindClose
CreateDirectoryW
FindFirstFileW
MoveFileExW
RemoveDirectoryW
DeviceIoControl
GetFinalPathNameByHandleW
CopyFileExW
ExitProcess
CreateNamedPipeW
ReadFileEx
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
WriteConsoleW
CreateThread
GetCurrentThread
CreateMutexA
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RaiseException
RtlPcToFileHeader
RtlUnwindEx
IsDebuggerPresent
InitializeSListHead
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TlsFree

ws2_32

WSAStartup
WSAGetLastError
WSAIoctl
setsockopt
WSASend
send
freeaddrinfo
recv
shutdown
getsockopt
listen
ioctlsocket
connect
bind
WSASocketW
accept
getsockname
getpeername
getaddrinfo
WSACleanup
closesocket

comctl32

DefSubclassProc
TaskDialogIndirect
RemoveWindowSubclass
SetWindowSubclass

user32

ValidateRect
GetWindowLongW
GetClientRect
ClientToScreen
LoadCursorW
SetCursor
GetClipCursor
PostMessageW
ShowCursor
AdjustWindowRectEx
GetMenu
SystemParametersInfoW
ReleaseCapture
SetCapture
SetWindowLongPtrW
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
ClipCursor
GetUpdateRect
OffsetRect
GetMenuBarInfo
IsWindowVisible
PeekMessageW
EnumChildWindows
RedrawWindow
GetWindowLongPtrW
IsProcessDPIAware
RegisterClassExW
SetParent
ShowWindow
MapWindowPoints
SystemParametersInfoA
PostQuitMessage
SendMessageW
RegisterWindowMessageA
CreateAcceleratorTableW
DestroyAcceleratorTable
TrackPopupMenu
GetWindowDC
DrawIconEx
ReleaseDC
CheckMenuItem
SetMenuItemInfoW
AppendMenuW
InsertMenuW
PostThreadMessageW
CreatePopupMenu
CreateMenu
DestroyMenu
RemoveMenu
SetMenu
DrawMenuBar
GetMenuItemInfoW
SetPropW
TrackMouseEvent
CreateIcon
GetRawInputData
DestroyIcon
DispatchMessageA
GetMessageA
GetKeyboardState
ToUnicodeEx
GetKeyboardLayout
SendInput
SetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
SetWindowLongW
TranslateAcceleratorW
EnableMenuItem
GetForegroundWindow
GetSystemMenu
SetWindowDisplayAffinity
MonitorFromPoint
EnumDisplayMonitors
MapVirtualKeyExW
RegisterTouchWindow
IsWindow
CreateWindowExW
FlashWindowEx
GetActiveWindow
SetCursorPos
GetKeyState
InvalidateRgn
GetWindowPlacement
SetWindowPlacement
ChangeDisplaySettingsExW
DefWindowProcW
GetMessageW
MapVirtualKeyW
IsIconic
AdjustWindowRect
GetDC
DispatchMessageW
TranslateMessage
GetMonitorInfoW
SetWindowPos
MonitorFromWindow
GetCursorPos
MonitorFromRect
GetWindowRect
GetSystemMetrics
CloseTouchInputHandle
ScreenToClient
GetTouchInputInfo
GetAsyncKeyState
DestroyWindow

ole32

OleInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
RevokeDragDrop
CoInitializeEx
RegisterDragDrop
CoTaskMemAlloc

shell32

SHCreateItemFromParsingName
ShellExecuteW
DragFinish
SHAppBarMessage
DragQueryFileW
SHGetKnownFolderPath

gdi32

CreateRectRgn
SelectObject
CreateCompatibleDC
BitBlt
DeleteDC
CreateDIBSection
DeleteObject
GetDeviceCaps

dwmapi

DwmGetWindowAttribute
DwmSetWindowAttribute
DwmEnableBlurBehindWindow

secur32

ApplyControlToken
FreeCredentialsHandle
AcquireCredentialsHandleA
QueryContextAttributesW
DeleteSecurityContext
DecryptMessage
InitializeSecurityContextW
AcceptSecurityContext
FreeContextBuffer
EncryptMessage

crypt32

CertDuplicateCertificateContext
CertFreeCertificateContext
CertVerifyCertificateChainPolicy
CertDuplicateStore
CertGetCertificateChain
CertCloseStore
CertOpenStore
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertFreeCertificateChain
CertDuplicateCertificateChain

advapi32

SystemFunction036
RegQueryValueExW
EventUnregister
RegCloseKey
RegGetValueW
RegOpenKeyExW
EventWriteTransfer
EventRegister
EventSetInformation

shlwapi

SHCreateMemStream

ntdll

NtWriteFile
RtlNtStatusToDosError
NtCreateFile
RtlGetVersion
NtDeviceIoControlFile
NtReadFile
NtCancelIoFileEx

oleaut32

SysFreeString
SysStringLen
SetErrorInfo
GetErrorInfo

uxtheme

DrawThemeBackground
CloseThemeData
DrawThemeText
OpenThemeData

bcrypt

BCryptGenRandom

api-ms-win-crt-math-l1-1-0

trunc
floor
log
fmod
__setusermatherr
ceilf
roundf
truncf
powf
exp2f
round
pow
ceil

api-ms-win-crt-string-l1-1-0

wcslen
strcmp
wcsncmp
_wcsicmp
wcscmp
strlen
strcspn
strncmp
strcpy_s

api-ms-win-crt-heap-l1-1-0

_set_new_mode
realloc
free
malloc
_msize
_callnewh
calloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_endthreadex
_seh_filter_exe
_set_app_type
_register_thread_local_exe_atexit_callback
_configure_narrow_argv
abort
_initialize_narrow_environment
_get_initial_narrow_environment
terminate
_c_exit
_crt_atexit
_register_onexit_function
_initterm
_initterm_e
_initialize_onexit_table
exit
_exit
_cexit
__p___argc
__p___argv

api-ms-win-crt-convert-l1-1-0

_wtoi
_ultow_s
wcstol

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 15.7MB - Virtual size: 15.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 741KB - Virtual size: 741KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03836cdfea064abdc1006ae1cd671f78

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ws2_32

comctl32

user32

ole32

shell32

gdi32

dwmapi

secur32

crypt32

advapi32

shlwapi

ntdll

oleaut32

uxtheme

bcrypt

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 15.7MB - Virtual size: 15.7MB

.rdata Size: 5.8MB - Virtual size: 5.8MB

.data Size: 44KB - Virtual size: 57KB

.pdata Size: 741KB - Virtual size: 741KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 95KB - Virtual size: 95KB

.text
Size: 15.7MB - Virtual size: 15.7MB

.rdata
Size: 5.8MB - Virtual size: 5.8MB

.data
Size: 44KB - Virtual size: 57KB

.pdata
Size: 741KB - Virtual size: 741KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 95KB - Virtual size: 95KB