midnight-scp-launcher[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

midnight-scp-launcher.exe
Size

8.0MB
MD5

ce7ed466f9456485f3b2a896bbb3a020
SHA1

3d099dab05721bcfc117d9849bbede2f73592883
SHA256

498b8abe1254e05337748d05c1f0cf6832ae9426aec3cbbf6fc428d3215695ad
SHA512

91adf0439ec3be6a5eccaa66283f6d86f231979cdb7a4f64636dc27ebee3ad9e53738ffaba964d0f90f9844b61e767547e4edb060279eb9eaa07b06ddc12affc
SSDEEP

196608:SczfVxKUFf3yBQGlqyRhC8VwfbT5xLK2gnrTBtf3jGYTh:PzPKUV3yGGlqyRhhwTT5lK2g3jC+h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
midnight-scp-launcher.exe

Files

midnight-scp-launcher.exe
.exe windows:6 windows x64 arch:x64

Password: FREE_4AJB2DF0HSP7NA2

5f7044e3966bcd618da22c8c8c1283fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DeleteCriticalSection
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SystemParametersInfoA
CharUpperBuffW

advapi32

CopySid

shell32

ShellExecuteA

ole32

CoCreateInstance

oleaut32

VariantClear

userenv

UnloadUserProfile

ws2_32

connect

Sections

.text
Size: - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1006KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Llb
Size: - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.iKZ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.q;V
Size: 8.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: FREE_4AJB2DF0HSP7NA2

5f7044e3966bcd618da22c8c8c1283fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

userenv

ws2_32

Sections

.text Size: - Virtual size: 248KB

.rdata Size: - Virtual size: 205KB

.data Size: - Virtual size: 1006KB

.pdata Size: - Virtual size: 13KB

_RDATA Size: - Virtual size: 348B

.Llb Size: - Virtual size: 5.2MB

.iKZ Size: 3KB - Virtual size: 2KB

.q;V Size: 8.0MB - Virtual size: 8.0MB

.reloc Size: 512B - Virtual size: 260B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 248KB

.rdata
Size: - Virtual size: 205KB

.data
Size: - Virtual size: 1006KB

.pdata
Size: - Virtual size: 13KB

_RDATA
Size: - Virtual size: 348B

.Llb
Size: - Virtual size: 5.2MB

.iKZ
Size: 3KB - Virtual size: 2KB

.q;V
Size: 8.0MB - Virtual size: 8.0MB

.reloc
Size: 512B - Virtual size: 260B

.rsrc
Size: 512B - Virtual size: 480B