C:\Users\windows-user\Desktop\Minecraft Rat\x64\Release\STD.pdb
Behavioral task: behavioral1
Sample: STD.exe
Resource: win11-20250502-en
General
Target: STD.exe
Size: 6.3MB
MD5: a27f9ce9ac43ae753d3d59e1b007ae29
SHA1: ccd637f9b510c880fa09867538c6faae29ed097e
SHA256: 7a594591ece534e74299e4660ac0e2c458fca1136920f68904b6408c7e7e1071
SHA512: 5fbbcc6761e63a4091bd38bf729c5b88bf51025c3e5d2f9d9303d7816a56ad8fb7ada0cc5e2f347e827ba5ea2e5e3337fd432f3c0428872464ce5d0cd8a58fd2
SSDEEP: 49152:+GtlqY4VwASO79dY53/Gt/rTNtEb/UtjJFp1KktehlJzigH1oK9MtSc7iGv/T28i:rPWYbeyRhuRRzEDXb19AfyS+gJ0WPV7
Malware Config
Signatures
Latrodectus family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource STD.exe
Files
STD.exe.exe windows:6 windows x64 arch:x64
cc61ab59a4bd3ff6e3ac24de7f9984ea
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
crypt32
CertDuplicateCertificateContext
CertOpenStore
CertFindCertificateInStore
CertOpenSystemStoreW
CertGetNameStringA
CertGetCertificateContextProperty
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertOpenSystemStoreA
kernel32
CreatePipe
GetTempPathA
SetHandleInformation
ReadFile
CloseHandle
GetLastError
ReleaseMutex
SetEndOfFile
CreateMutexW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
DeleteFileW
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HeapReAlloc
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
OutputDebugStringW
HeapAlloc
HeapFree
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
SetConsoleCtrlHandler
ExitProcess
FreeLibraryAndExitThread
ExitThread
CreateThread
WideCharToMultiByte
CreateProcessW
HeapSize
WriteConsoleW
GetModuleFileNameW
RaiseException
SetEvent
ResetEvent
CreateEventA
FormatMessageA
GetStdHandle
GetFileType
WriteFile
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
SetLastError
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
Sleep
GetEnvironmentVariableW
GetModuleHandleExW
VirtualFree
GetACP
RtlVirtualUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
GetExitCodeThread
CreateSemaphoreA
SwitchToFiber
DeleteFiber
CreateFiberEx
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
GetSystemTime
SystemTimeToFileTime
ConvertFiberToThread
ConvertThreadToFiberEx
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
FindClose
FindFirstFileW
FindNextFileW
MoveFileExA
QueryPerformanceCounter
QueryPerformanceFrequency
InitOnceComplete
InitOnceBeginInitialize
TryAcquireSRWLockExclusive
SleepConditionVariableSRW
GetTickCount64
WaitForSingleObjectEx
LocalFree
GetLocaleInfoEx
GetCurrentDirectoryW
CreateFileW
FindFirstFileExW
GetFileAttributesExW
GetFileInformationByHandle
GetFullPathNameW
SetFileInformationByHandle
AreFileApisANSI
GetFileInformationByHandleEx
WakeConditionVariable
WakeAllConditionVariable
LCMapStringEx
InitializeCriticalSectionEx
EncodePointer
DecodePointer
CompareStringEx
GetCPInfo
GetStringTypeW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
RtlUnwind
user32
ReleaseDC
GetDC
UpdateWindow
PostQuitMessage
LoadCursorW
TranslateMessage
DispatchMessageW
ShowWindow
RegisterClassExW
CreateWindowExW
DefWindowProcW
GetMessageW
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
GetSystemMetrics
gdi32
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteObject
DeleteDC
GetDIBits
advapi32
ReportEventW
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
CryptGenRandom
DeregisterEventSource
CryptDestroyKey
GetUserNameW
RegisterEventSourceW
CryptSetHashParam
CryptAcquireContextW
CryptReleaseContext
ws2_32
WSAWaitForMultipleEvents
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSASetLastError
WSACleanup
__WSAFDIsSet
closesocket
select
shutdown
WSASocketW
accept
getaddrinfo
WSAStartup
getpeername
getsockname
send
socket
ntohs
connect
recv
getsockopt
freeaddrinfo
ioctlsocket
getnameinfo
setsockopt
bind
listen
htonl
WSAGetLastError
htons
inet_addr
inet_ntoa
gethostbyaddr
gethostbyname
getservbyport
getservbyname
recvfrom
sendto
ntohl
WSASocketA
inet_pton
bcrypt
BCryptGenRandom
Sections
.text Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 194KB - Virtual size: 193KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ