AssertAndCrash
Static task
static1
Behavioral task
behavioral1
Sample
Ascension.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Ascension.exe
Resource
win10v2004-20220901-en
General
Target: Ascension.exe
Size: 7.3MB
MD5: e6306e0c0e8a61b2dd96f51f2dba6c94
SHA1: 422448196b86801739151da40493a4dfe28b460e
SHA256: d54813f59a3fc0e527611070223fbab38191dacdfae64970e5dc55036ab8fa35
SHA512: ed260f2e4ce2a5bf517e0a840a762fa1aa12c6c0b963303c81b968ee84c6457fac8760787fb47b30831ef37ca29b13779f8b19cf7db87a61ca09b0f944731def
SSDEEP: 98304:dSWhGvPwsP+Wc36yu00ovRwqCPNprDlYtUb17TLFdGX4QtT+W50Ylm:dfgTlovRwqCPNB9b1+4Ql1m
Malware Config
Signatures
Files
Ascension.exe.exe windows x86
b7fc31b6422013c5f943a1da91692ed3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEnvironmentVariableA
CompareStringA
FlushFileBuffers
CloseHandle
CreateFileA
GetTimeZoneInformation
GetConsoleOutputCP
DeleteCriticalSection
OpenFile
DeviceIoControl
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
WriteConsoleA
WaitForMultipleObjectsEx
WriteFileEx
ReadFileEx
GetOverlappedResult
CancelIo
GetWindowsDirectoryA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
TlsGetValue
TlsAlloc
RtlUnwind
SetStdHandle
GetFileType
SetHandleCount
GetLastError
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
ConvertThreadToFiber
CreateFiberEx
DeleteFiber
GetDateFormatA
GetTimeFormatA
GetStringTypeA
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
GetLocaleInfoA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
RaiseException
HeapSize
Sleep
VirtualQuery
UnmapViewOfFile
GetDriveTypeA
ExitThread
GetFullPathNameA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
VirtualProtect
LocalFree
FlushInstructionCache
GetQueuedCompletionStatus
CreateIoCompletionPort
GetCommandLineW
GlobalMemoryStatusEx
GetPriorityClass
SetPriorityClass
IsBadWritePtr
OpenThread
SuspendThread
GetThreadContext
Thread32First
Thread32Next
lstrcpynA
IsBadReadPtr
MulDiv
SwitchToFiber
GetSystemInfo
SetEvent
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GlobalMemoryStatus
ResumeThread
TerminateThread
SetThreadPriority
GetThreadPriority
GetProcessAffinityMask
SignalObjectAndWait
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
SizeofResource
LockResource
LoadResource
FindResourceExA
QueryPerformanceFrequency
Module32First
Module32Next
GetDiskFreeSpaceA
ReadFile
CreateThread
GetFileAttributesExA
GetFileSize
GetFileAttributesA
MoveFileA
DeleteFileA
CreateEventA
OpenEventA
GetComputerNameA
GetTempPathA
CreateToolhelp32Snapshot
SetThreadAffinityMask
WaitForSingleObjectEx
CreateProcessA
DuplicateHandle
SetCurrentDirectoryA
GetCurrentDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetDiskFreeSpaceExA
GetShortPathNameA
CreateDirectoryA
RemoveDirectoryA
SetEndOfFile
SetFileAttributesA
SetFileTime
ResetEvent
WaitForMultipleObjects
SetProcessAffinityMask
GetLocalTime
FormatMessageA
GetExitCodeProcess
GetVersion
OutputDebugStringA
CreateMutexA
ReleaseMutex
opengl32
glGenTextures
glEnable
glTexParameteri
glReadPixels
wglGetProcAddress
wglDeleteContext
wglMakeCurrent
wglCreateContext
glBindTexture
glTexImage2D
glDeleteTextures
glDisable
glGetError
glGetIntegerv
glGetString
glCopyTexSubImage2D
glCopyTexImage2D
wglGetCurrentDC
glCullFace
glBlendFunc
glMatrixMode
glPolygonOffset
wglGetCurrentContext
glColorPointer
glTexCoordPointer
glScissor
glClipPlane
glPolygonMode
glViewport
glDepthRange
glDepthMask
glColorMask
glTexGeni
glNormalPointer
glVertexPointer
glLightf
glLightfv
glLightModelfv
glColor4fv
glMaterialfv
glLoadIdentity
glLoadMatrixf
glFogf
glFogi
glPixelStorei
glColorMaterial
glLightModeli
glTexGenfv
glPointSize
glFrontFace
glDepthFunc
glFogfv
glAlphaFunc
glMaterialf
glTexSubImage2D
glClear
glClearColor
wglSwapLayerBuffers
glFinish
glDrawArrays
glDrawElements
glLineWidth
glTexEnviv
glHint
glTexEnvi
glTexEnvf
glTexEnvfv
glEnableClientState
glDisableClientState
glGetFloatv
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
imm32
ImmGetConversionStatus
ImmGetContext
ImmGetCompositionStringA
ImmAssociateContext
ImmSetConversionStatus
ImmAssociateContextEx
ImmNotifyIME
ImmGetCandidateListA
ImmReleaseContext
wininet
InternetReadFileExA
InternetCloseHandle
HttpQueryInfoA
InternetSetOptionA
InternetConnectA
InternetOpenA
HttpSendRequestA
InternetSetCookieA
HttpOpenRequestA
InternetCrackUrlA
InternetSetStatusCallback
InternetSetStatusCallbackA
ws2_32
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSACleanup
accept
select
WSAGetLastError
WSAStartup
setsockopt
getsockopt
socket
closesocket
__WSAFDIsSet
connect
listen
bind
htons
htonl
gethostbyname
ntohs
getsockname
recv
getpeername
send
inet_addr
WSACloseEvent
WSACreateEvent
WSAEventSelect
WSAEnumNetworkEvents
sendto
recvfrom
inet_ntoa
ioctlsocket
dinput8
DirectInput8Create
user32
GetParent
CloseClipboard
OpenClipboard
SetCapture
GetForegroundWindow
MessageBeep
GetKeyState
FillRect
IsDialogMessageA
TranslateAcceleratorA
GetKeyboardLayout
EmptyClipboard
SendInput
SystemParametersInfoA
GetAsyncKeyState
ClientToScreen
InvertRect
VkKeyScanA
DrawTextExA
CharLowerBuffA
GetDesktopWindow
GetActiveWindow
PostMessageA
IsIconic
IsZoomed
PostQuitMessage
SetFocus
KillTimer
SetTimer
WaitForInputIdle
MapVirtualKeyA
LoadBitmapA
GetMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA
IsWindow
IsWindowVisible
MessageBoxA
LoadStringA
SetCursor
GetCursorPos
ScreenToClient
GetClientRect
LoadImageA
LoadCursorA
MapWindowPoints
BeginPaint
EndPaint
AdjustWindowRectEx
GetSystemMetrics
ShowWindow
ChangeDisplaySettingsExA
SetWindowPos
GetWindowRect
ClipCursor
GetWindowPlacement
SendMessageA
MoveWindow
SetClipboardData
ReleaseCapture
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetDC
ReleaseDC
DestroyWindow
UnregisterClassA
EnumDisplaySettingsA
EnumDisplayDevicesA
MonitorFromPoint
GetMonitorInfoA
MsgWaitForMultipleObjects
gdi32
ChoosePixelFormat
CreateBitmap
TranslateCharsetInfo
GetStockObject
SelectObject
DeleteObject
SetBkColor
GetDeviceGammaRamp
CreateSolidBrush
SetBkMode
GetPixelFormat
SetDeviceGammaRamp
DescribePixelFormat
SetTextColor
SetPixelFormat
DeleteDC
StretchBlt
BitBlt
CreateCompatibleDC
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
CreateRectRgn
Rectangle
CreateFontIndirectA
GetObjectA
SetMapMode
GdiFlush
CreateDIBSection
advapi32
CryptReleaseContext
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegFlushKey
RegSetValueExA
RegCreateKeyExA
GetUserNameA
RegEnumKeyA
CryptGenRandom
CryptAcquireContextA
RegOpenKeyA
shell32
FindExecutableA
ShellExecuteA
divxdecoder
SetOutputFormat
DivxDecode
UnInitializeDivxDecoder
InitializeDivxDecoder
winmm
waveOutPrepareHeader
waveInReset
waveInClose
waveInOpen
waveInStart
waveInGetNumDevs
waveOutGetNumDevs
waveInGetDevCapsA
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveOutGetPosition
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutGetDevCapsA
timeKillEvent
timeSetEvent
mciSendCommandA
timeGetTime
msacm32
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmFormatSuggest
acmStreamOpen
setupapi
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
hid
HidD_GetSerialNumberString
HidD_GetHidGuid
HidD_SetFeature
HidD_GetPreparsedData
HidD_GetAttributes
HidP_GetCaps
HidD_GetProductString
HidD_FreePreparsedData
ole32
PropVariantClear
CoCreateInstance
CoTaskMemFree
CoUninitialize
CLSIDFromString
CoInitialize
Exports
Sections
.text Size: 5.9MB - Virtual size: 5.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 858KB - Virtual size: 857KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 483KB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.zdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 25B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 162KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ