2024-07-04_9f0812eecc8f33744a21380fbb28ba95_megazord

Sharing

Copy URL

Twitter E-mail

General

Target

2024-07-04_9f0812eecc8f33744a21380fbb28ba95_megazord
Size

8.1MB
MD5

9f0812eecc8f33744a21380fbb28ba95
SHA1

3f8de50a215363481f2321974dacd2e2cfc4d620
SHA256

dc6f5cb6aa84bf8662a76d50bb8fe7db6d54f0a9fcb998d87a58a7e9255b9492
SHA512

cd7fe90b7a1d99d7487eca80b7a5170bb4aced0e63ce7a4246972d118c05761318cd067f0a67a5bb3912f7949f4c6b261da6f55cba1d98341d3519cfdb50ca79
SSDEEP

98304:qCAYbtNjJ9+0ZLlI1R6VbG2F0tH+XGqgFZfFM:qCAHnSGqgFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-04_9f0812eecc8f33744a21380fbb28ba95_megazord

Files

2024-07-04_9f0812eecc8f33744a21380fbb28ba95_megazord
.exe windows:6 windows x64 arch:x64

eedc60a9ed426860ecc66dc40ba33062

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

diver.pdb

Imports

api-ms-win-core-synch-l1-2-0

WakeByAddressSingle
WaitOnAddress
WakeByAddressAll

bcryptprimitives

ProcessPrng

kernel32

SetThreadStackGuarantee
GetCurrentThread
HeapReAlloc
SetThreadErrorMode
LoadLibraryExW
GetProcAddress
lstrlenW
FormatMessageW
WideCharToMultiByte
UnmapViewOfFile
GetUserPreferredUILanguages
CreateFileMappingW
MapViewOfFile
GetCurrentProcess
DuplicateHandle
VirtualProtect
Sleep
GetModuleHandleA
SetLastError
GetModuleFileNameW
GetModuleHandleW
CreateWaitableTimerExW
SetWaitableTimer
WaitForSingleObject
GetCurrentThreadId
GetStdHandle
GetConsoleMode
MultiByteToWideChar
WriteConsoleW
QueryPerformanceFrequency
GetCurrentDirectoryW
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcessId
CreateMutexA
ReleaseMutex
GetEnvironmentVariableW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
CreateFileW
SetFileInformationByHandle
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFullPathNameW
FindNextFileW
CreateDirectoryW
FindFirstFileW
CreateThread
QueryPerformanceCounter
HeapAlloc
GetProcessHeap
GetFinalPathNameByHandleW
FreeLibrary
CreateEventA
RemoveVectoredExceptionHandler
GlobalLock
GetSystemInfo
GlobalUnlock
GlobalAlloc
GlobalFree
LoadLibraryExA
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
EncodePointer
RtlUnwindEx
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
TlsSetValue
TlsFree
RtlPcToFileHeader
WriteFile
ExitProcess
TerminateProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetFileType
GetStringTypeW
TlsGetValue
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
AddVectoredExceptionHandler
FindClose
CloseHandle
SwitchToThread
GetLastError
SetFilePointerEx
HeapFree
FlushFileBuffers
GetConsoleOutputCP
GlobalSize
HeapSize

user32

EnableMenuItem
SetWindowLongW
SetMenuDefaultItem
TrackPopupMenu
GetSystemMenu
AdjustWindowRectEx
GetClipCursor
ClipCursor
ShowCursor
CreateIcon
ShowWindow
ToUnicodeEx
GetKeyboardLayout
MapVirtualKeyExW
RegisterWindowMessageA
SystemParametersInfoA
GetWindowLongW
SetClipboardData
EmptyClipboard
OpenClipboard
CloseClipboard
GetClipboardData
DefWindowProcA
RegisterClassExA
ReleaseDC
CreateWindowExA
GetCursorPos
CloseTouchInputHandle
GetTouchInputInfo
TrackMouseEvent
ReleaseCapture
SetCapture
MonitorFromRect
ScreenToClient
GetMenu
IsProcessDPIAware
GetKeyState
GetAsyncKeyState
GetKeyboardState
RegisterTouchWindow
GetSystemMetrics
SendInput
MapVirtualKeyW
SetWindowDisplayAffinity
SetWindowPlacement
GetWindowPlacement
ChangeDisplaySettingsExW
SetCursor
LoadCursorW
SendMessageW
FlashWindowEx
GetActiveWindow
IsWindowVisible
MonitorFromWindow
GetForegroundWindow
IsIconic
ClientToScreen
SetWindowTextW
DestroyIcon
InvalidateRgn
SetWindowPos
GetDC
GetClientRect
ValidateRect
GetRawInputData
DefWindowProcW
RedrawWindow
GetWindowLongPtrW
DispatchMessageW
TranslateMessage
KillTimer
SetTimer
GetMessageW
PeekMessageW
MonitorFromPoint
DestroyWindow
RegisterRawInputDevices
SetWindowLongPtrW
CreateWindowExW
RegisterClassExW
PostMessageW
GetMonitorInfoW
GetWindowRect
SetForegroundWindow

shell32

DragQueryFileW
SHCreateItemFromParsingName
ExtractIconW
ShellExecuteW
SHGetKnownFolderPath
DragFinish

gdi32

CreateCompatibleDC
SelectObject
DeleteDC
DeleteObject
BitBlt
CreateRectRgn
GetDeviceCaps
ChoosePixelFormat
GetPixelFormat
SetPixelFormat
DescribePixelFormat
SwapBuffers
CreateDIBSection

ole32

CoTaskMemFree
CoInitializeEx
CoCreateInstance
RevokeDragDrop
RegisterDragDrop
OleInitialize
CoUninitialize

comctl32

TaskDialogIndirect

dwmapi

DwmEnableBlurBehindWindow

imm32

ImmAssociateContextEx
ImmGetContext
ImmGetCompositionStringW
ImmReleaseContext

ntdll

NtWriteFile
RtlNtStatusToDosError
NtReadFile

opengl32

wglDeleteContext
wglCreateContext
wglGetProcAddress
wglGetCurrentContext
wglMakeCurrent

d3dcompiler_47

D3DCompile

oleaut32

GetErrorInfo
SysFreeString
SysStringLen

uxtheme

SetWindowTheme

Sections

.text
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eedc60a9ed426860ecc66dc40ba33062

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-core-synch-l1-2-0

bcryptprimitives

kernel32

user32

shell32

gdi32

ole32

comctl32

dwmapi

imm32

ntdll

opengl32

d3dcompiler_47

oleaut32

uxtheme

Sections

.text Size: 6.6MB - Virtual size: 6.6MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 14KB - Virtual size: 19KB

.pdata Size: 79KB - Virtual size: 79KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 48KB - Virtual size: 48KB

.text
Size: 6.6MB - Virtual size: 6.6MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 14KB - Virtual size: 19KB

.pdata
Size: 79KB - Virtual size: 79KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 48KB - Virtual size: 48KB