silverbullet[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

silverbullet.exe
Size

90.6MB
MD5

85a1ea7b37ddb2521a95ad4daef5a142
SHA1

d266fd330afebcb691148f4e6e626eca2e9e5a30
SHA256

55d8932470f7016533c01d1906eeeb0eb57f929c59846854d6db442f87b99bdc
SHA512

1c251a1cd681354a64e1bd3eb12b4e56283830457229aa2af6209cbc94ad1f0393cd722de2c0249a3ce945dc3f1de21e54227a6e0f79abe337cefbb9d49d1b11
SSDEEP

393216:A+FL/qB6Y3labHPqmx58JEMmPI0cd4NkwVAliXUxbblHa93Whli6Z8hYodonxVw7:AUS8qabHiW58KM90cdEsodon36HZRD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
silverbullet.exe

Files

silverbullet.exe
.exe windows:6 windows x64 arch:x64

b1ecf9b69e277dcacc9cc20df18808da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\a\deno\deno\target\release\deps\denort.pdb

Imports

kernel32

lstrlenW
GetConsoleScreenBufferInfo
GetLastError
AddVectoredExceptionHandler
SetThreadStackGuarantee
HeapFree
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
CreateMutexA
ReleaseMutex
GetProcAddress
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
AcquireSRWLockShared
ReleaseSRWLockShared
WakeAllConditionVariable
ReleaseSRWLockExclusive
SleepConditionVariableSRW
GlobalUnlock
SetThreadErrorMode
LoadLibraryExW
TryAcquireSRWLockShared
FormatMessageW
CreateFileW
GetFileInformationByHandle
SetCurrentDirectoryW
GetStdHandle
CreateIoCompletionPort
GetSystemInfo
OpenProcess
GetPriorityClass
SetPriorityClass
GetFileType
GetConsoleMode
WriteConsoleInputW
PeekConsoleInputW
FlushConsoleInputBuffer
WaitForMultipleObjects
GetNumberOfConsoleInputEvents
ResetEvent
SetConsoleMode
TerminateProcess
RegisterWaitForSingleObject
CreateNamedPipeW
ConnectNamedPipe
DuplicateHandle
GlobalMemoryStatusEx
GetTickCount64
FreeEnvironmentStringsW
CreateToolhelp32Snapshot
Process32First
Process32Next
GetDiskFreeSpaceW
FreeLibrary
LoadLibraryW
WaitForSingleObject
CreateEventA
GetModuleHandleW
SetErrorMode
WideCharToMultiByte
SetFileTime
LockFileEx
UnlockFile
SetLastError
GetFullPathNameW
DeviceIoControl
UnmapViewOfFile
VirtualProtect
CreateFileMappingW
MapViewOfFile
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
ReadFile
GetOverlappedResult
WriteFile
CancelIoEx
SetFileCompletionNotificationModes
CreateSemaphoreW
CancelIo
ReadDirectoryChangesW
ReleaseSemaphore
Sleep
GetModuleHandleA
WakeConditionVariable
GlobalLock
GlobalSize
ReadConsoleInputW
GetConsoleCursorInfo
SetConsoleCursorInfo
SetConsoleCursorPosition
WriteConsoleW
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
VirtualQuery
IsThreadAFiber
ConvertThreadToFiber
CreateFiber
SwitchToFiber
DeleteFiber
ConvertFiberToThread
GetCurrentThread
MultiByteToWideChar
CreateWaitableTimerExW
SetWaitableTimer
QueryPerformanceFrequency
GetCurrentDirectoryW
GetEnvironmentVariableW
GetEnvironmentStringsW
SetEnvironmentVariableW
GetTempPathW
GetModuleFileNameW
GetCommandLineW
SetFileInformationByHandle
GetFileInformationByHandleEx
FlushFileBuffers
GetFinalPathNameByHandleW
SetFilePointerEx
FindNextFileW
CreateDirectoryW
HeapReAlloc
FindClose
ReadConsoleW
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
CreateThread
ReadFileEx
SleepEx
WriteFileEx
GetExitCodeProcess
CreateEventW
ExitProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
DeleteFileW
MoveFileExW
RemoveDirectoryW
CreateSymbolicLinkW
CreateHardLinkW
CopyFileExW
SetHandleInformation
SetFileAttributesW
UnregisterWaitEx
GetProcessId
SetConsoleCtrlHandler
RemoveVectoredExceptionHandler
LoadLibraryExA
VirtualAlloc
VirtualFree
GetTickCount
FormatMessageA
GetSystemTime
SystemTimeToFileTime
GetFileSize
LocalFree
HeapDestroy
HeapCompact
DeleteFileA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
HeapValidate
CreateMutexW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
HeapCreate
AreFileApisANSI
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetNativeSystemInfo
SetUnhandledExceptionFilter
RtlCaptureStackBackTrace
GetLocaleInfoEx
IsDebuggerPresent
GetTimeZoneInformation
GetTempFileNameA
VerSetConditionMask
VerifyVersionInfoW
MapViewOfFileEx
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
QueryThreadCycleTime
GetThreadPriority
SetThreadPriority
RtlAddFunctionTable
RtlDeleteFunctionTable
FlsAlloc
FlsGetValue
FlsSetValue
GetDynamicTimeZoneInformation
GetUserGeoID
GetGeoInfoW
CreateSemaphoreA
InitializeConditionVariable
SuspendThread
GetThreadContext
ResumeThread
ResolveLocaleName
GetCurrencyFormatEx
GetNumberFormatEx
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDateFormatEx
GetTimeFormatEx
FindFirstFileExW
SetStdHandle
GetOEMCP
GetACP
IsValidCodePage
GetStringTypeW
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
AcquireSRWLockExclusive
CloseHandle
SwitchToThread
FindFirstFileW
TryAcquireSRWLockExclusive
GetTimeFormatW
GetDateFormatW
FlsFree
GetCommandLineA
GetConsoleOutputCP
GetCPInfo
FreeLibraryAndExitThread
ExitThread
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
EncodePointer
InterlockedPushEntrySList
RtlUnwindEx
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
RaiseException
RtlPcToFileHeader
RtlUnwind

user32

CreateWindowExA
GetDC
MapVirtualKeyW
OpenClipboard
GetClipboardData
GetClientRect
DefWindowProcA
RegisterClassExA
CloseClipboard

shell32

SHGetKnownFolderPath

gdi32

SetPixelFormat
GetPixelFormat
ChoosePixelFormat
DescribePixelFormat

ntdll

NtDeviceIoControlFile
NtWriteFile
NtCancelIoFileEx
NtReadFile
RtlGetVersion
RtlNtStatusToDosError
NtCreateFile
NtQuerySystemInformation

opengl32

wglMakeCurrent
wglGetProcAddress
wglDeleteContext
wglCreateContext
wglGetCurrentContext

crypt32

CertFreeCertificateContext
CertEnumCertificatesInStore
CertVerifyTimeValidity
CertOpenStore
CertGetEnhancedKeyUsage
CertCloseStore
CertDuplicateCertificateContext

ole32

CoTaskMemFree

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

ws2_32

getsockopt
accept
ioctlsocket
recv
send
sendto
recvfrom
WSASocketW
bind
getaddrinfo
freeaddrinfo
WSACleanup
socket
WSAIoctl
getpeername
WSAStartup
GetHostNameW
WSASend
shutdown
WSAGetLastError
setsockopt
listen
closesocket
getsockname
connect

advapi32

LookupPrivilegeValueW
SystemFunction036
EventSetInformation
RegQueryValueExW
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyExW
EventRegister
EventWriteTransfer
RegQueryInfoKeyW
GetUserNameW
RegEnumKeyExW

psapi

GetPerformanceInfo
GetProcessMemoryInfo

iphlpapi

GetAdaptersAddresses

bcrypt

BCryptGenRandom

d3dcompiler_47

D3DCompile

oleaut32

SysStringLen
GetErrorInfo
SysFreeString

dbghelp

SymSetSearchPathW
SymInitialize
SymFunctionTableAccess64
StackWalk64
SymFromAddr
SymGetLineFromAddr64
SymGetModuleBase64
SymGetSearchPathW
SymSetOptions

Exports

Exports

CrashForExceptionInNonABICompliantCodeRange

Sections

.text
Size: 43.5MB - Virtual size: 43.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27.0MB - Virtual size: 27.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1ecf9b69e277dcacc9cc20df18808da

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

gdi32

ntdll

opengl32

crypt32

ole32

winmm

ws2_32

advapi32

psapi

iphlpapi

bcrypt

d3dcompiler_47

oleaut32

dbghelp

Exports

Exports

Sections

.text Size: 43.5MB - Virtual size: 43.5MB

.rdata Size: 27.0MB - Virtual size: 27.0MB

.data Size: 207KB - Virtual size: 358KB

.pdata Size: 1.6MB - Virtual size: 1.6MB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 192KB - Virtual size: 192KB

.text
Size: 43.5MB - Virtual size: 43.5MB

.rdata
Size: 27.0MB - Virtual size: 27.0MB

.data
Size: 207KB - Virtual size: 358KB

.pdata
Size: 1.6MB - Virtual size: 1.6MB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 192KB - Virtual size: 192KB