endgame-exploit-1[.]0[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

endgame-exploit-1.0.zip
Size

367KB
MD5

17191d46d6c14ee60969939838dbc121
SHA1

59233a37e149dd047699fc60e39941ff3a4a70d5
SHA256

8c0d5556b11d1cdb9989390133af394e50b35d35c6819ac4776b414861eb7566
SHA512

4589555c3a47d50921125fb5f4794d3edfa76c7fadf50cc2cc2c4b1bcb85dadc71670f071533eaef6951fb4e0c52643e595b099555b3d029ba0a811c3b7e39c2
SSDEEP

6144:c1HNzB3f15b1mLHH5TjE+yll3/ZRB80ugoq0KUjgxgzmarh+5H40o:CHTpWV8aNcUjIad+5Hbo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/endgame-exploit-1.0/nasm.exe

Files

endgame-exploit-1.0.zip
.zip
endgame-exploit-1.0/.gitignore
endgame-exploit-1.0/LICENSE
endgame-exploit-1.0/README.md
endgame-exploit-1.0/main.py
endgame-exploit-1.0/nasm.exe
.exe windows:4 windows x64 arch:x64

8f1ec1fd3d4d2fbc60a99b20e51348b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_chsize
_commode
_errno
_filelengthi64
_fileno
_fmode
_fstat64
_fullpath
_gmtime64
_initterm
_localtime64
_lock
_onexit
_setmode
_stricmp
_strnicmp
_time64
_unlock
_waccess
_wfopen
_wstat64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fprintf
fputc
fputs
fread
free
fsetpos
fwrite
getc
getenv
isalpha
iscntrl
islower
ispunct
isspace
isupper
isxdigit
localeconv
malloc
memcmp
memcpy
memset
perror
putc
qsort
realloc
remove
setvbuf
signal
strcat
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tolower
toupper
ungetc
vfprintf
wcslen
_fileno

Sections

.text
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
endgame-exploit-1.0/shellcode.asm

Sharing

General

Malware Config

Signatures

Files

8f1ec1fd3d4d2fbc60a99b20e51348b7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 313KB - Virtual size: 313KB

.data Size: 12KB - Virtual size: 12KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.pdata Size: 10KB - Virtual size: 9KB

.xdata Size: 11KB - Virtual size: 11KB

.bss Size: - Virtual size: 3KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 35KB - Virtual size: 34KB

.text
Size: 313KB - Virtual size: 313KB

.data
Size: 12KB - Virtual size: 12KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.pdata
Size: 10KB - Virtual size: 9KB

.xdata
Size: 11KB - Virtual size: 11KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 35KB - Virtual size: 34KB