Static task
static1
General
Target: Kranos-x64.zip
Size: 917KB
MD5: e87fb05babcd7cba32ac10b3b556cceb
SHA1: f7bdae3276e225ae6888903e86c438915a6005ee
SHA256: 3af9f2ad225cce8ad023aa7e63d1179fc802b1aa275f3623eaa7735394c33747
SHA512: b0cdc01d8e869967450428792b88b2c695478832c4b3bf536c771683191c362e30385bddcf985e71d2585d3ec7b02e32e73e6a0659bd9a93cbefd894bb74a511
SSDEEP: 24576:UnWCd7HTIn9PzBpM4SwbHRZSiZyod6hf+7W:UnWczGNzk4nvG
Malware Config
Signatures
Unsigned PE (2 IoCs)
Checks for missing Authenticode signature.
resource: unpack001/Kranos-x64.exe, unpack001/Kranos-x86.exe
Files
Kranos-x64.zip
Kranos-x64.exe windows:6 windows x64 arch:x64
b3c6e993a34ef81a90b66768858f7d0a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\Dev Projects\Visual Studio\Dll Injector\build\Kranos-x64.pdb
Imports
opengl32
glClear
glClearColor
glViewport
kernel32
CreateToolhelp32Snapshot
GetLastError
GetFileAttributesA
Process32Next
IsWow64Process
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
FreeLibrary
GetStartupInfoW
GetModuleHandleW
SetThreadExecutionState
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
QueryPerformanceCounter
QueryPerformanceFrequency
VerSetConditionMask
GetModuleHandleExW
FormatMessageW
FindFirstFileExW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
ReadConsoleW
GetProcessHeap
HeapQueryInformation
HeapReAlloc
HeapFree
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
VirtualProtect
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
OpenProcess
GetFileSizeEx
WriteConsoleW
OutputDebugStringW
GetFileType
WriteFile
GetStdHandle
ReadFile
GetSystemInfo
HeapValidate
HeapSize
HeapAlloc
ExitProcess
GetModuleFileNameW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
SetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
LoadLibraryExA
GetCurrentProcess
Process32First
GetModuleFileNameA
GetExitCodeProcess
VirtualFreeEx
CreateRemoteThread
ReadProcessMemory
VirtualAllocEx
GetProcAddress
VirtualProtectEx
CloseHandle
LoadLibraryA
Sleep
RtlAddFunctionTable
WriteProcessMemory
SetEndOfFile
FindNextFileW
SetFilePointerEx
RtlUnwind
CreateFileW
FindClose
user32
GetRawInputDeviceList
EnumDisplayMonitors
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterClassW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
CreateIconIndirect
LoadImageW
DestroyIcon
LoadCursorW
GetClassLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
SetRect
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
RemovePropW
GetPropW
SetPropW
ReleaseDC
GetDC
SetForegroundWindow
GetSystemMetrics
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
MapVirtualKeyW
GetKeyState
GetActiveWindow
SetFocus
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindow
SetLayeredWindowAttributes
GetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
WaitMessage
PostMessageW
SendMessageW
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
TrackMouseEvent
GetMessageExtraInfo
CallWindowProcW
SetWindowLongPtrW
GetWindowLongPtrW
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetWindowThreadProcessId
PostThreadMessageA
SetWindowsHookExA
FindWindowA
GetRawInputDeviceInfoA
gdi32
CreateDIBSection
DeleteObject
CreateRectRgn
ChoosePixelFormat
CreateDCW
SwapBuffers
SetPixelFormat
DescribePixelFormat
CreateBitmap
SetDeviceGammaRamp
GetDeviceGammaRamp
GetDeviceCaps
DeleteDC
comdlg32
GetOpenFileNameA
shell32
DragFinish
DragQueryPoint
DragQueryFileW
ShellExecuteA
DragAcceptFiles
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow
Sections
.text Size: 844KB - Virtual size: 843KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 308KB - Virtual size: 307KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fptable Size: 512B - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kranos-x86.exe windows:6 windows x86 arch:x86
1be02a4d1e820dc92441cdc374093c3d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Dev Projects\Visual Studio\Dll Injector\build\Kranos-x86.pdb
Imports
opengl32
glClear
glClearColor
glViewport
kernel32
GetLastError
GetFileAttributesA
Process32Next
IsWow64Process
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
FreeLibrary
GetStartupInfoW
GetModuleHandleW
SetThreadExecutionState
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
QueryPerformanceCounter
QueryPerformanceFrequency
VerSetConditionMask
GetModuleHandleExW
FormatMessageW
CreateFileW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
ReadConsoleW
GetProcessHeap
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
VirtualProtect
FlsFree
FlsSetValue
FlsGetValue
CreateToolhelp32Snapshot
SetFilePointerEx
GetFileSizeEx
WriteConsoleW
OutputDebugStringW
GetFileType
WriteFile
GetStdHandle
ReadFile
GetSystemInfo
HeapValidate
HeapAlloc
ExitProcess
GetModuleFileNameW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
SetLastError
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
OpenProcess
LoadLibraryExA
GetCurrentProcess
Process32First
GetModuleFileNameA
GetExitCodeProcess
VirtualFreeEx
CreateRemoteThread
ReadProcessMemory
VirtualAllocEx
GetProcAddress
VirtualProtectEx
CloseHandle
LoadLibraryA
Sleep
WriteProcessMemory
FindNextFileW
SetStdHandle
FindClose
FlsAlloc
SetEndOfFile
FindFirstFileExW
user32
GetRawInputDeviceList
GetRawInputDeviceInfoA
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterClassW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
CreateIconIndirect
LoadImageW
DestroyIcon
LoadCursorW
GetClassLongW
PtInRect
OffsetRect
SetRect
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
RemovePropW
GetPropW
SetPropW
ReleaseDC
GetDC
SetForegroundWindow
GetSystemMetrics
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
MapVirtualKeyW
GetKeyState
GetActiveWindow
SetFocus
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindow
SetLayeredWindowAttributes
GetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
WaitMessage
PostMessageW
SendMessageW
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
TrackMouseEvent
GetWindowLongW
GetMessageExtraInfo
CallWindowProcW
SetWindowLongW
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetWindowThreadProcessId
PostThreadMessageA
SetWindowsHookExA
FindWindowA
EnumDisplayMonitors
gdi32
CreateDIBSection
DeleteObject
CreateRectRgn
ChoosePixelFormat
CreateDCW
SwapBuffers
SetPixelFormat
DescribePixelFormat
CreateBitmap
SetDeviceGammaRamp
GetDeviceGammaRamp
GetDeviceCaps
DeleteDC
comdlg32
GetOpenFileNameA
shell32
DragFinish
DragQueryPoint
DragQueryFileW
ShellExecuteA
DragAcceptFiles
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow
Sections
.text Size: 709KB - Virtual size: 708KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 273KB - Virtual size: 273KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fptable Size: 512B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ