Simple Mod Framework-200-2-11-2-1673671015[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Simple Mod Framework-200-2-11-2-1673671015.exe
Size

8.5MB
MD5

d62fb862f705f2327ccd37b07130addc
SHA1

12ca8352b95e0a5f7d0a6e4b7e0065758f7548c4
SHA256

15aee7b2144db6249dea6243b678242ad547412e8473c39a387e2745b5be1dd3
SHA512

ef1e6f89466b1978a3090d2ad89fed099f7eef2fffba40bb5fbcb0884f6096b54c2ed7412b32c992479060bd6113c91594dbba7098e5ed2d07d8f2bf77e7f5c9
SSDEEP

98304:mBS6rqHiw7Eeke8BexGSclb5j+2zbI96oE:kVqrJx0v

Score

1^/10

Malware Config

Signatures

Files

Simple Mod Framework-200-2-11-2-1673671015.exe
.exe windows x64

d8f012756fcd6d44a77ace42cb2c05c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlLookupFunctionEntry
RtlCaptureContext
NtCreateFile
NtDeviceIoControlFile
RtlNtStatusToDosError
NtCancelIoFileEx
RtlVirtualUnwind

kernel32

WaitForSingleObject
FreeLibrary
GetProcAddress
LoadLibraryA
InitializeSListHead
FormatMessageW
IsProcessorFeaturePresent
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
TryAcquireSRWLockExclusive
SleepConditionVariableSRW
CloseHandle
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
IsDebuggerPresent
GetSystemTimeAsFileTime
GetModuleHandleA
AddVectoredExceptionHandler
FindClose
SetFileCompletionNotificationModes
GetCurrentThreadId
SwitchToThread
GetCurrentProcess
WriteConsoleW
TlsSetValue
TlsGetValue
CreateThread
PostQueuedCompletionStatus
GetQueuedCompletionStatusEx
CreateIoCompletionPort
GetCurrentProcessId
GetFullPathNameW
SetHandleInformation
SetUnhandledExceptionFilter
GetSystemInfo
LoadLibraryW
ExitProcess
GetModuleHandleW
LoadLibraryExW
SetThreadErrorMode
GetConsoleMode
Sleep
GlobalLock
GlobalSize
GlobalUnlock
GetFinalPathNameByHandleW
GlobalAlloc
GlobalFree
MultiByteToWideChar
GetCurrentThread
AcquireSRWLockShared
FindFirstFileW
GetFileInformationByHandleEx
GetFileInformationByHandle
CreateFileW
FindNextFileW
CreateMutexA
WaitForSingleObjectEx
HeapReAlloc
WakeConditionVariable
ReleaseSRWLockShared
WakeAllConditionVariable
TerminateProcess
SetThreadStackGuarantee
UnhandledExceptionFilter
lstrlenW
GetStdHandle
CreateDirectoryW
GetEnvironmentVariableW
GetCurrentDirectoryW
SetLastError
ReleaseMutex

ws2_32

WSASend
send
WSARecv
recv
shutdown
getsockopt
listen
WSAIoctl
connect
bind
WSASocketW
accept
getpeername
getsockname
setsockopt
WSACleanup
select
getaddrinfo
WSAGetLastError
ioctlsocket
WSAStartup
closesocket
freeaddrinfo

advapi32

RegCloseKey
SystemFunction036
RegOpenKeyExW
RegQueryValueExW

secur32

FreeCredentialsHandle
ApplyControlToken
DecryptMessage
AcquireCredentialsHandleA
AcceptSecurityContext
QueryContextAttributesW
InitializeSecurityContextW
FreeContextBuffer
EncryptMessage
DeleteSecurityContext

crypt32

CertFreeCertificateContext
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertEnumCertificatesInStore
CertDuplicateCertificateChain
CertDuplicateCertificateContext
CertDuplicateStore
CertAddCertificateContextToStore
CertOpenStore
CertCloseStore
CertFreeCertificateChain

ole32

RegisterDragDrop
CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateInstance
RevokeDragDrop
OleInitialize

shell32

ShellExecuteW
DragQueryFileW
SHGetKnownFolderPath
DragFinish
SHCreateItemFromParsingName

user32

SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
MsgWaitForMultipleObjectsEx
SetCapture
GetClassInfoExW
GetClassNameW
RegisterWindowMessageA
GetRawInputData
GetKeyState
GetKeyboardState
GetKeyboardLayout
RegisterTouchWindow
GetSystemMetrics
ReleaseCapture
InvalidateRgn
SetWindowPlacement
GetWindowPlacement
ChangeDisplaySettingsExW
ToUnicodeEx
GetWindowLongPtrW
SetWindowTextW
CreateWindowExW
RegisterClassExW
MapVirtualKeyW
IsProcessDPIAware
SendInput
SetForegroundWindow
ShowWindow
GetMessageW
MapVirtualKeyA
SendMessageW
DispatchMessageW
SetWindowLongW
TranslateMessage
GetActiveWindow
GetDC
SetWindowPos
GetMonitorInfoW
MonitorFromWindow
GetCursorPos
ClientToScreen
GetClientRect
GetWindowLongW
MonitorFromRect
CloseTouchInputHandle
GetTouchInputInfo
TrackMouseEvent
SetCursor
LoadCursorW
ScreenToClient
GetClipCursor
ClipCursor
PostMessageW
DestroyWindow
DefWindowProcW
GetUpdateRect
PeekMessageW
PostThreadMessageW
RedrawWindow
ValidateRect
SetWindowLongPtrW
ShowCursor
GetWindowRect
GetMenu
AdjustWindowRectEx
SystemParametersInfoA
CreateIcon
DestroyIcon
RegisterRawInputDevices

oleaut32

GetErrorInfo
SysFreeString
SysStringLen

opengl32

wglGetCurrentDC
wglShareLists
wglGetCurrentContext
wglDeleteContext
wglCreateContext
wglMakeCurrent
wglGetProcAddress

gdi32

GetPixelFormat
SetPixelFormat
SwapBuffers
GetDeviceCaps
CreateRectRgn
ChoosePixelFormat
DeleteObject
DescribePixelFormat

dwmapi

DwmEnableBlurBehindWindow

winmm

timeBeginPeriod
timeGetDevCaps
timeEndPeriod

imm32

ImmSetCandidateWindow
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmAssociateContextEx

uxtheme

SetWindowTheme

bcrypt

BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptGenRandom

vcruntime140

memcmp
__current_exception_context
__CxxFrameHandler3
memcpy
memset
memmove
_CxxThrowException
__C_specific_handler
__current_exception

api-ms-win-crt-math-l1-1-0

ceil
ceilf
sinf
exp2f
roundf
sin
trunc
_hypotf
atan2f
log10
cbrtf
cosf
cos
floor
truncf
powf
floorf
round
__setusermatherr
pow
acosf
expf

api-ms-win-crt-heap-l1-1-0

malloc
free
_set_new_mode

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_configure_narrow_argv
_initialize_narrow_environment
_seh_filter_exe
terminate
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
__p___argc
__p___argv
_cexit
_c_exit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_register_thread_local_exe_atexit_callback

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f012756fcd6d44a77ace42cb2c05c9

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

ws2_32

advapi32

secur32

crypt32

ole32

shell32

user32

oleaut32

opengl32

gdi32

dwmapi

winmm

imm32

uxtheme

bcrypt

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 3.5MB - Virtual size: 3.5MB

.data Size: 17KB - Virtual size: 20KB

.pdata Size: 242KB - Virtual size: 241KB

.rsrc Size: 111KB - Virtual size: 110KB

.reloc Size: 35KB - Virtual size: 34KB

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 3.5MB - Virtual size: 3.5MB

.data
Size: 17KB - Virtual size: 20KB

.pdata
Size: 242KB - Virtual size: 241KB

.rsrc
Size: 111KB - Virtual size: 110KB

.reloc
Size: 35KB - Virtual size: 34KB