Static task
static1
General
Target: skse64_loader.exe
Size: 219KB
MD5: 963b5bb002564a78025fd0c36528ab8c
SHA1: 2bc325e260834258e40c5e6f0ff1a9bbea87b0a1
SHA256: fecc9f5d9a8f19b5244d514dd2649feacdc4f0ca1ef89b390c571d861f4605fd
SHA512: efd1d1434295f6aacc2dca38612684ef6a2dcdfef6c3bdd76776dba54427390dede58200bd1766651803e590a24cdc93e9587de77305d8a7bc7d97ec6f3fcf72
SSDEEP: 3072:HGsm8z7E3sO5WEzRtlg1jz92cmjSZ4Ml1xYwdTPUmPbiXW67NlSxVyCq:HxmeE3xWIRtlg1P92JjSl3mIlKC
Malware Config
Signatures
Files
skse64_loader.exe.exe windows x64
820a4b6240752e5712832d6efc9569d2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
GetLastError
SetProcessAffinityMask
TerminateProcess
ResumeThread
Sleep
WaitForSingleObject
CloseHandle
CreateToolhelp32Snapshot
Module32First
Module32Next
Process32First
Process32Next
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetVersionExA
CreateFileA
CreateFileMappingA
CreateProcessA
UnmapViewOfFile
OpenProcess
VirtualAllocEx
GetProcAddress
WriteProcessMemory
CreateRemoteThread
VirtualFreeEx
GetFileSizeEx
ReadFile
SetEndOfFile
SetFilePointerEx
WriteFile
CreateFileW
ReadConsoleW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableA
HeapSize
GetSystemTimeAsFileTime
HeapReAlloc
WriteConsoleW
MapViewOfFile
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
RtlUnwind
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
MultiByteToWideChar
CreateDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
user32
MessageBoxA
WaitForInputIdle
shell32
SHGetFolderPathA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
Sections
.text Size: 147KB - Virtual size: 146KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 252B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ