GreenLumaSettings_2024[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

GreenLumaSettings_2024.exe
Size

159KB
MD5

547dde574be95eaa8315b119e7db1e6b
SHA1

26e7f51d6e98333b7eea2122717bd1c23d199dd2
SHA256

440ac0c3ac37e144a443f4a242084cd4d5f69fb2e138d801a58f9ae99a4b5193
SHA512

68655e2f2a7aeadf535a48bb37df4c526e7228bed22cd801a1fe192825172e914078474b7e64ac9788369ebbb679c42fc2f6169e340a01bb846222c415a5f338
SSDEEP

3072:xI2ftGVV3PVuTx6JDu7MbGcfGDJX8Py16iuM8bD:xbqV3PsT067MCcfUaOu3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GreenLumaSettings_2024.exe

Files

GreenLumaSettings_2024.exe
.exe windows:6 windows x64 arch:x64

7af4fa1bdc48e37619f0bb9595c21979

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleFileNameW
InitializeCriticalSectionEx
CreateFileW
HeapSize
GetLastError
FillConsoleOutputCharacterW
HeapReAlloc
HeapAlloc
GetPrivateProfileIntW
DeleteCriticalSection
ExitProcess
GetProcessHeap
SetConsoleCursorPosition
ReadConsoleW
ReadFile
WriteConsoleW
CloseHandle
GetStdHandle
SetLastError
HeapFree
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
WritePrivateProfileStringW
IsDebuggerPresent
OutputDebugStringW
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetModuleHandleExW
WriteFile
GetCommandLineA
GetCommandLineW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

user32

MessageBoxW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7af4fa1bdc48e37619f0bb9595c21979

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 3KB - Virtual size: 8KB

.pdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB