Source: console_zero.exe | ReversingLabs: Detection: 79% |
Source: console_zero.exe | Virustotal: Detection: 69% |
Source: Submitted Sample | Integrated Neural Analysis Model: Matched 94.9% probability |
Source: console_zero.exe | Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F284614 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose, | 0_2_000000013F284614 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F270FF4 FindClose,FindFirstFileExW,GetLastError, | 0_2_000000013F270FF4 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F271068 GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,__std_fs_open_handle,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,CloseHandle,CloseHandle, | 0_2_000000013F271068 |
Source: console_zero.exe | String found in binary or memory: http://worldtimeapi.org/api/timezone/Etc/UTC |
Source: console_zero.exe | String found in binary or memory: http://worldtimeapi.org/api/timezone/Etc/UTCapplication/octet-streamtext/plain; |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F288F54 | 0_2_000000013F288F54 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F2597B0 | 0_2_000000013F2597B0 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F284614 | 0_2_000000013F284614 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F27C644 | 0_2_000000013F27C644 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F251E40 | 0_2_000000013F251E40 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F28769C | 0_2_000000013F28769C |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F25AD50 | 0_2_000000013F25AD50 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F259D30 | 0_2_000000013F259D30 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F268440 | 0_2_000000013F268440 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F259480 | 0_2_000000013F259480 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F2894AC | 0_2_000000013F2894AC |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F26EB00 | 0_2_000000013F26EB00 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F256300 | 0_2_000000013F256300 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F263370 | 0_2_000000013F263370 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F26A260 | 0_2_000000013F26A260 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F261A30 | 0_2_000000013F261A30 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F255A70 | 0_2_000000013F255A70 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F279A78 | 0_2_000000013F279A78 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F283110 | 0_2_000000013F283110 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F286150 | 0_2_000000013F286150 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F2589A0 | 0_2_000000013F2589A0 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F27B7E4 | 0_2_000000013F27B7E4 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F259040 | 0_2_000000013F259040 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F27A08C | 0_2_000000013F27A08C |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F271068 | 0_2_000000013F271068 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F261070 | 0_2_000000013F261070 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F256880 | 0_2_000000013F256880 |
Source: classification engine | Classification label: mal60.winEXE@1/0@0/0 |
Source: console_zero.exe | Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
Source: C:\Users\user\Desktop\console_zero.exe | Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Source: C:\Users\user\Desktop\console_zero.exe | Section loaded: libcurl.dll |
Source: console_zero.exe | Static PE information: Image base 0x140000000 > 0x60000000 |
Source: console_zero.exe | Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT |
Source: console_zero.exe | Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE |
Source: console_zero.exe | Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC |
Source: console_zero.exe | Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG |
Source: console_zero.exe | Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG |
Source: console_zero.exe | Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT |
Source: console_zero.exe | Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata |
Source: console_zero.exe | Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc |
Source: console_zero.exe | Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc |
Source: console_zero.exe | Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata |
Source: console_zero.exe | Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata |
Source: console_zero.exe | Static PE information: section name: .fptable |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F25CB34 push rax; retf 0000h | 0_2_000000013F25CB41 |
Source: all processes | Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F27957C RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, | 0_2_000000013F27957C |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F285880 GetProcessHeap, | 0_2_000000013F285880 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F2726B0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, | 0_2_000000013F2726B0 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F272B44 SetUnhandledExceptionFilter, | 0_2_000000013F272B44 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F272964 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, | 0_2_000000013F272964 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F28A540 cpuid | 0_2_000000013F28A540 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: EnumSystemLocalesW, | 0_2_000000013F287FA8 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: EnumSystemLocalesW,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW, | 0_2_000000013F2886A4 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: GetLocaleInfoW, | 0_2_000000013F288560 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: TranslateName,TranslateName,GetACP,IsValidCodePage,GetLocaleInfoW, | 0_2_000000013F287C44 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP, | 0_2_000000013F2884AC |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: GetLocaleInfoW, | 0_2_000000013F2804C0 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: GetLocaleInfoW, | 0_2_000000013F288354 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: GetLocaleInfoEx,FormatMessageA, | 0_2_000000013F270A5C |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW, | 0_2_000000013F288110 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: EnumSystemLocalesW, | 0_2_000000013F28014C |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: EnumSystemLocalesW, | 0_2_000000013F288078 |
Source: C:\Users\user\Desktop\console_zero.exe | Code function: 0_2_000000013F272BB0 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter, | 0_2_000000013F272BB0 |