PDB path (Metamorph-Checker.exe): C:\Users\Spuck\Downloads\Metamorph-main\Metamorph-main\x64\Release\Metamorph-Checker.pdb
Static task
static1
General
-
Target
Metamorph_[unknowncheats.me]__[unknowncheats.me]_.zip
-
Size
556KB
-
MD5
179b29ec7cbf3586bf3401eecafdfeaa
-
SHA1
8b70f82bed176e0d6d140173dd04128d0cef97ef
-
SHA256
eb2745258402e7faaede2a3820913446eb10b2ace4c2dc169f32e7a8b0cd1b90
-
SHA512
1b72881e928631c9f0bada9be766de7b3d7c36b83275594a63f5115616dcd295bbfbf15a4726fa04a45a864a4e3ec639c71be784d69fadb00d863fe671fbfacd
-
SSDEEP
12288:fcSy6GT16lIQ4IDlH63+e5qKWmYlkQAj99zA2wMWsN+nSauCAT8zU9:W620L4ejXCxA2YSztr
Malware Config
Signatures
-
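Unsigned PE (2 IoCs)
Checks for a missing Authenticode signature; both unpacked executables listed below are unsigned, so their publisher and integrity cannot be verified from the files alone.
resource unpack001/Metamorph_[unknowncheats.me]_/Metamorph-Checker.exe
resource unpack001/Metamorph_[unknowncheats.me]_/Metamorph.exe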
Files
-
Metamorph_[unknowncheats.me]__[unknowncheats.me]_.zip [.zip]
-
Metamorph_[unknowncheats.me]_/Metamorph-Checker.exe [.exe] windows:6 windows x64 arch:x64
26e7db2b4183c72fb98e1bb6eb91752f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
WideCharToMultiByte
FindNextFileW
FindFirstFileExW
GetComputerNameA
GetProcessHeap
LocalFree
HeapAlloc
CloseHandle
GetLastError
GetCurrentProcess
GetSystemFirmwareTable
FindClose
GetLocaleInfoEx
FormatMessageA
GetStdHandle
AreFileApisANSI
GetModuleHandleW
MultiByteToWideChar
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
SetConsoleTextAttribute
user32
SystemParametersInfoA
advapi32
RegQueryValueExA
RegOpenKeyExA
OpenProcessToken
RegCloseKey
ConvertSidToStringSidA
GetTokenInformation
GetUserNameA
ole32
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitializeEx
oleaut32
VariantClear
SysFreeString
SysAllocString
msvcp140
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Xbad_function_call@std@@YAXXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?good@ios_base@std@@QEBA_NXZ
iphlpapi
GetIpNetTable
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_exception_copy
memcmp
memcpy
memset
__current_exception_context
__current_exception
_CxxThrowException
__C_specific_handler
__std_exception_destroy
memmove
__std_terminate
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vfprintf
__acrt_iob_func
__p__commode
api-ms-win-crt-time-l1-1-0
_localtime64_s
strftime
_time64
api-ms-win-crt-runtime-l1-1-0
system
terminate
_seh_filter_exe
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_set_app_type
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_configure_narrow_argv
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-heap-l1-1-0
_callnewh
free
malloc
_set_new_mode
api-ms-win-crt-math-l1-1-0
__setusermatherr
_dclass
_dsign
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
localeconv
___lc_codepage_func
Sections
.text Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 178KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 336B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Metamorph_[unknowncheats.me]_/Metamorph.exe [.exe] windows:6 windows x64 arch:x64
99fc3d84b102e6c0d0e0b2b42f730448
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Spuck\Downloads\Metamorph-main\Metamorph-main\x64\Release\Metamorph.pdb
Imports
kernel32
GetProcAddress
GetCurrentProcessId
GetTempPathW
GetSystemFirmwareTable
GetLastError
HeapAlloc
GetProcessHeap
CloseHandle
TerminateProcess
OpenProcess
CreateToolhelp32Snapshot
Process32Next
WriteConsoleW
HeapSize
SetStdHandle
GetModuleHandleA
GetCurrentThreadId
CreateFileW
VirtualAlloc
DeviceIoControl
VirtualFree
GetStdHandle
Process32First
SetConsoleTextAttribute
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
ReadConsoleW
FormatMessageA
LocalFree
GetLocaleInfoEx
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesW
GetFileAttributesExW
SetFileInformationByHandle
AreFileApisANSI
GetModuleHandleW
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlUnwind
DeleteFileW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
WriteFile
GetCommandLineA
GetCommandLineW
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
GetTimeZoneInformation
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
SetEndOfFile
user32
SystemParametersInfoA
advapi32
RegSetValueExA
RegOpenKeyExA
RegSetKeyValueW
RegCloseKey
RegDeleteTreeW
RegCreateKeyW
RegOpenKeyW
RegQueryValueExA
ntdll
NtQuerySystemInformation
RtlInitUnicodeString
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
Sections
.text Size: 315KB - Virtual size: 315KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 148KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 239KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ