mtn[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mtn.exe
Size

77KB
MD5

dd9f3516bd2726ea3fef666d456b5a9b
SHA1

9290fe98523cb43e17f321906a850be4e4a65b56
SHA256

fe5e8d5c0febb374bb70d86498691efa54804272b3113099391854db815c4021
SHA512

55ff923bcd3ffeaae83cc6ff6d4d4e98e74cea790b019ecd4cafa28d081ee3a2d3d6198908b6f36b70b3fff0c59da303c8bffc86b36ac98b840e02f78b9658d4
SSDEEP

1536:FSul8PkCpB3PFxihC4hvfzeZuiT/om2hDFZsc+f:wqYfxihCCwuipipGt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mtn.exe

Files

mtn.exe
.exe windows x86

eb892334a98823ec4538201225973ffd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

bgd

_gdImageJpeg@12
_gdImageGetPixel@12
_gdImageColorResolve@16
_gdImageSetPixel@16
_gdImageCopy@32
_gdImageCreateTrueColor@8
_gdImageDestroy@4
_gdImageStringFT@44
_gdImageFilledRectangle@24

avcodec-51

avcodec_alloc_frame
avcodec_close
avcodec_decode_video
avcodec_default_get_buffer
avcodec_default_release_buffer
avcodec_find_decoder
avcodec_flush_buffers
avcodec_open
avcodec_string
avpicture_fill
avpicture_get_size

avformat-52

av_close_input_file
av_find_stream_info
av_open_input_file
av_read_frame
av_register_all
av_seek_frame
url_ferror

avutil-49

av_free
av_freep
av_log
av_log_set_level
av_malloc
av_rescale

swscale-0

sws_freeContext
sws_getContext
sws_scale

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetCurrentProcess
GetFileAttributesA
GetFileAttributesW
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
MultiByteToWideChar
SetPriorityClass
SetUnhandledExceptionFilter
Sleep
WideCharToMultiByte

msvcrt

_mkdir
_strdup
__getmainargs
__p___argv
__p__environ
__p__fmode
__set_app_type
__wgetmainargs
_assert
_cexit
_errno
_filbuf
_findclose
_iob
_onexit
_osver
_setmode
_stricmp
_wfindfirst
_wfindnext
_wfopen
_wfullpath
_wstat
_wunlink
atexit
bsearch
ceil
difftime
fclose
fflush
floor
fprintf
fputc
free
getenv
localeconv
malloc
memcpy
memset
qsort
rand
realloc
setlocale
setvbuf
signal
sprintf
srand
strcat
strchr
strcoll
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtok
strtol
time
toupper
vfprintf
wcscat
wcscmp
wcscpy
wcslen
wcsrchr

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 46KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb892334a98823ec4538201225973ffd

Headers

File Characteristics

Imports

bgd

avcodec-51

avformat-52

avutil-49

swscale-0

kernel32

msvcrt

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 512B - Virtual size: 500B

.rdata Size: 12KB - Virtual size: 11KB

.bss Size: - Virtual size: 46KB

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 512B - Virtual size: 500B

.rdata
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 46KB

.idata
Size: 4KB - Virtual size: 3KB