TREX CHEAT[.]zip

Resubmissions

09/08/2024, 23:29

240809-3gywfavcnp 3

09/08/2024, 23:23

240809-3dl3gaydng 3

Sharing

Copy URL Twitter E-mail

General

Target

TREX CHEAT.zip
Size

9.2MB
MD5

eef11ded7d9fbc83e7ae46f77be8a7f1
SHA1

e67d4958508b76c63e84518e9dc0be7992420cc3
SHA256

1c7d5decb3f2d120783619a35a3737ae36ec2e06fa3b5b9975ac519ddfec2cc2
SHA512

a958d40d202fe492993e5ae52341c03c2f63af2c26031919819e75969534411f697f84dac96035afc80de7b2e2b7f844fd67d93f147e8b06955490fbedf29c02
SSDEEP

196608:Tb2gv5fBa6+YENEv3caRquqpIm6ZTe1GRHHB8eodVhiP3r4/WbU3Qk2vnP:Tb2gGJ9SVDDmSe1GRHh8bdnVzAPvnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TREX CHEAT.exe

Files

TREX CHEAT.zip
.zip
TREX CHEAT.exe
.exe windows:6 windows x64 arch:x64

572950c29fcf4e368311fe4d27ed076a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExW

kernel32

QueryPerformanceCounter
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

RegisterClassExW
CharUpperBuffW

shell32

ShellExecuteA

msvcp140

_Cnd_timedwait

ntdll

NtQuerySystemInformation

dwmapi

DwmExtendFrameIntoClientArea

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateTextureFromFileInMemory

urlmon

URLDownloadToFileW

userenv

UnloadUserProfile

imm32

ImmSetCompositionWindow

rpcrt4

UuidToStringA

psapi

GetModuleInformation

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcmp

api-ms-win-crt-heap-l1-1-0

realloc

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn

api-ms-win-crt-stdio-l1-1-0

fopen

api-ms-win-crt-math-l1-1-0

pow

api-ms-win-crt-time-l1-1-0

_localtime64

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-string-l1-1-0

strcpy_s

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-filesystem-l1-1-0

_stat64

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp

api-ms-win-crt-environment-l1-1-0

getenv

normaliz

IdnToAscii

ws2_32

__WSAFDIsSet

wldap32

ord60

crypt32

CertFindExtension

Sections

.text
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 841KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 23.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MBZ0
Size: - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MBZ1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MBZ2
Size: 9.5MB - Virtual size: 9.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

572950c29fcf4e368311fe4d27ed076a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

shell32

msvcp140

ntdll

dwmapi

d3d9

d3dx9_43

urlmon

userenv

imm32

rpcrt4

psapi

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-environment-l1-1-0

normaliz

ws2_32

wldap32

crypt32

Sections

.text Size: - Virtual size: 2.1MB

.rdata Size: - Virtual size: 841KB

.data Size: - Virtual size: 23.5MB

.pdata Size: - Virtual size: 80KB

.MBZ0 Size: - Virtual size: 4.2MB

.MBZ1 Size: 6KB - Virtual size: 6KB

.MBZ2 Size: 9.5MB - Virtual size: 9.5MB

.rsrc Size: 260KB - Virtual size: 259KB

.text
Size: - Virtual size: 2.1MB

.rdata
Size: - Virtual size: 841KB

.data
Size: - Virtual size: 23.5MB

.pdata
Size: - Virtual size: 80KB

.MBZ0
Size: - Virtual size: 4.2MB

.MBZ1
Size: 6KB - Virtual size: 6KB

.MBZ2
Size: 9.5MB - Virtual size: 9.5MB

.rsrc
Size: 260KB - Virtual size: 259KB