AntivirusDefender8[.]0-main[.]zip

Resubmissions

08/07/2024, 11:05 UTC

240708-m639fsyaph 4

08/07/2024, 11:00 UTC

240708-m359msxhrf 3

08/07/2024, 10:54 UTC

240708-mzmm5avgrj 3

08/07/2024, 10:49 UTC

240708-mw431axfra 7

08/07/2024, 10:46 UTC

240708-mtxwxaxfjc 3

08/07/2024, 10:42 UTC

240708-mrn6zsxekb 7

Sharing

Copy URL

Twitter E-mail

General

Target

AntivirusDefender8.0-main.zip
Size

34KB
MD5

5c90630ffc59f7c9177238825bd053b5
SHA1

1169dcec468c24a74e774405e570dc6c4916825e
SHA256

1ee3788918d34886873b12b45d7723e64eebe81cd117dbbf95f75fb99b38ea2d
SHA512

0ef1e0c24ca9001a30476eaa640ef3b36890af790e6a45d92fcae42436f80bc5039000c0e37101632e8cb890e4faef8de34cd3541e38e9c1527d812c3a357162
SSDEEP

768:QDbFz8pPHib6SEJWNsjj45uY9FZ4nPl1SItgKb:QVwviSljj4VJOOapb

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AntivirusDefender8.0-main/RUNTHISFIRST.exe
unpack001/AntivirusDefender8.0-main/bootmgfw.efi

Files

AntivirusDefender8.0-main.zip
.zip
AntivirusDefender8.0-main/.gitattributes
AntivirusDefender8.0-main/AntivirusDefender8.0.lnk
.lnk
AntivirusDefender8.0-main/LICENSE
AntivirusDefender8.0-main/README.md
AntivirusDefender8.0-main/RUNTHISFIRST.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\victim\source\repos\RUNTHISFIRST\RUNTHISFIRST\obj\Debug\RUNTHISFIRST.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AntivirusDefender8.0-main/bootmgfw.efi
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

AbsolutePointerProtocol
AcpiTableGuid
AcquireLock
AdapterDebugProtocol
AllocatePool
AllocateZeroPool
AppendDevicePath
AppendDevicePathInstance
AppendDevicePathNode
AsciiPrint
AsciiVSPrint
Atoi
BCDtoDecimal
BS
CRCTable
CalculateCrc
CatPrint
CheckCrc
CheckCrcAltSize
CloseSimpleReadFile
CompareGuid
CompareMem
CopyMem
DbgAssert
DbgPrint
DecimaltoBCD
DevPathTable
DevicePathFromHandle
DevicePathInstance
DevicePathInstanceCount
DevicePathSize
DevicePathToStr
DivU64x32
DumpHex
DuplicateDevicePath
EFIDebug
EFIDebugVariable
EfiDtbTableGuid
EfiPartTypeLegacyMbrGuid
EfiPartTypeSystemPartitionGuid
EndDevicePath
EndInstanceDevicePath
ErrorCodeTable
ErrorOutSpliterProtocol
Exit
FileDevicePath
FloatToString
FreePool
GetShellArgcArgv
GrowBuffer
GuidList
GuidToString
Hex
IInput
IPrint
IPrintAt
InitializeGlobalIoDevice
InitializeGuid
InitializeLib
InitializeLibPlatform
InitializeLock
InitializeUnicodeSupport
Input
InternalShellProtocol
Ip4Protocol
Ip4ServiceBindingProtocol
IsLocalPrint
IsValidAscii
IsValidEfiCntlChar
LShiftU64
LegacyBootProtocol
LibCreateProtocolNotifyEvent
LibDeleteVariable
LibDevicePathToInterface
LibDuplicateDevicePathInstance
LibFileInfo
LibFileSystemInfo
LibFileSystemVolumeLabelInfo
LibFwInstance
LibGetSmbiosString
LibGetSmbiosSystemGuidAndSerialNumber
LibGetSystemConfigurationTable
LibGetUiString
LibGetVariable
LibGetVariableAndSize
LibImageHandle
LibInitialized
LibInsertToTailOfBootOrder
LibInstallProtocolInterfaces
LibIsValidTextGraphics
LibLocateHandle
LibLocateHandleByDiskSignature
LibLocateProtocol
LibMatchDevicePaths
LibMemoryMap
LibOpenRoot
LibReinstallProtocolInterfaces
LibRuntimeDebugOut
LibRuntimeRaiseTPL
LibRuntimeRestoreTPL
LibSetNVVariable
LibSetVariable
LibStubMetaiMatch
LibStubStrLwrUpr
LibStubStriCmp
LibStubUnicodeInterface
LibUninstallProtocolInterfaces
MetaMatch
MetaiMatch
MpsTableGuid
MultU64x32
NullGuid
OpenSimpleReadFile
Output
PFLUSH
PGETC
PITEM
PPUTC
PSETATTR
PoolAllocationType
PoolPrint
Print
PrintAt
RShiftU64
RT
ReadPciConfig
ReadPort
ReadSimpleReadFile
ReallocatePool
ReleaseLock
RootDevicePath
RtAcquireLock
RtBCDtoDecimal
RtCompareGuid
RtCompareMem
RtConvertList
RtCopyMem
RtDecimaltoBCD
RtLibEnableVirtualMappings
RtReleaseLock
RtSetMem
RtStpCpy
RtStpnCpy
RtStrCat
RtStrCmp
RtStrCpy
RtStrLen
RtStrSize
RtStrnCat
RtStrnCpy
RtStrnLen
RtZeroMem
SMBIOS3TableGuid
SMBIOSTableGuid
ST
SalSystemTableGuid
SetCrc
SetCrcAltSize
SetMem
ShellDynamicCommandProtocolGuid
ShellParametersProtocolGuid
ShellProtocolGuid
SimplePointerProtocol
SimpleTextInputExProtocol
StatusToString
StpCpy
StpnCpy
StrCat
StrCmp
StrCpy
StrDuplicate
StrLen
StrLwr
StrSize
StrUpr
StriCmp
StrnCat
StrnCmp
StrnCpy
StrnLen
Tcp4Protocol
Tcp4ServiceBindingProtocol
TextInSpliterProtocol
TextOutSpliterProtocol
TimeToString
Udp4Protocol
Udp4ServiceBindingProtocol
UnicodeInterface
UnicodeSPrint
UnicodeToPcAnsiOrAscii
UnicodeVSPrint
UnknownDevice
UnpackDevicePath
VPoolPrint
VPrint
ValidMBR
ValueToHex
ValueToString
VariableStoreProtocol
VgaClassProtocol
WaitForEventWithTimeout
WaitForSingleEvent
WritePciConfig
WritePort
ZeroMem
_DbgOut
_IPrint
_PoolCatPrint
_PoolPrint
_Print
_SPrint
efi_call0
efi_call1
efi_call10
efi_call2
efi_call3
efi_call4
efi_call5
efi_call6
efi_call7
efi_call8
efi_call9
efi_main
gEFiUiInterfaceProtocolGuid
gEfiBlockIo2ProtocolGuid
gEfiBlockIoProtocolGuid
gEfiBusSpecificDriverOverrideProtocolGuid
gEfiComponentName2ProtocolGuid
gEfiComponentNameProtocolGuid
gEfiDebugImageInfoTableGuid
gEfiDebugSupportProtocolGuid
gEfiDeviceIoProtocolGuid
gEfiDevicePathFromTextProtocolGuid
gEfiDevicePathProtocolGuid
gEfiDevicePathToTextProtocolGuid
gEfiDevicePathUtilitiesProtocolGuid
gEfiDiskIo2ProtocolGuid
gEfiDiskIoProtocolGuid
gEfiDriverBindingProtocolGuid
gEfiDriverFamilyOverrideProtocolGuid
gEfiEbcProtocolGuid
gEfiEdidActiveProtocolGuid
gEfiEdidDiscoveredProtocolGuid
gEfiEdidOverrideProtocolGuid
gEfiFileInfoGuid
gEfiFileSystemInfoGuid
gEfiFileSystemVolumeLabelInfoIdGuid
gEfiGlobalVariableGuid
gEfiGraphicsOutputProtocolGuid
gEfiHashProtocolGuid
gEfiLoadFileProtocolGuid
gEfiLoadedImageProtocolGuid
gEfiNetworkInterfaceIdentifierProtocolGuid
gEfiPcAnsiGuid
gEfiPciIoProtocolGuid
gEfiPciRootBridgeIoProtocolGuid
gEfiPlatformDriverOverrideProtocolGuid
gEfiPxeBaseCodeCallbackProtocolGuid
gEfiPxeBaseCodeProtocolGuid
gEfiSerialIoProtocolGuid
gEfiSimpleFileSystemProtocolGuid
gEfiSimpleNetworkProtocolGuid
gEfiSimpleTextInProtocolGuid
gEfiSimpleTextOutProtocolGuid
gEfiUnicodeCollationProtocolGuid
gEfiVT100Guid
gEfiVT100PlusGuid
gEfiVTUTF8Guid
longjmp
memcpy
memset
setjmp
strcmpa
strlena
strncmpa
xtoi

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 12B

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 7KB

.pdata Size: 2KB - Virtual size: 2KB

.xdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 2KB

.edata Size: 7KB - Virtual size: 7KB

.idata Size: 512B - Virtual size: 24B

.reloc Size: 512B - Virtual size: 396B

We care about your privacy.

.text
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 7KB

.pdata
Size: 2KB - Virtual size: 2KB

.xdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 7KB - Virtual size: 7KB

.idata
Size: 512B - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 396B