manhunt[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

manhunt.exe
Size

6.0MB
MD5

04a52e283a76132cc8b52d3af2319142
SHA1

9257986ce32b21fdd79ceff95f6d0c206d91c7b1
SHA256

5001b64f77690316330575fcfe6acd5c5115c5476c183ffec0d86779b0686b52
SHA512

54ca3703170b2133e151acb4ec19035d1ffc410dff1a5c15db6f0942bc37217cf7423638784649a48a57e78b9b2ba0ff1138db53735d8b68c2573bd6ac3a6f7a
SSDEEP

98304:7PjoDpAC5zcpAPksPNBMlhc8lRyba18Uu:7LoDpACZcpAPIlhcERyba1I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
manhunt.exe

Files

manhunt.exe
.exe windows x86

bb3d36ed307637de9b23bc04a208ad2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

dinput8

DirectInput8Create

kernel32

GetLastError
IsBadReadPtr
CreateEventA
CloseHandle
ReadFile
GetOverlappedResult
CreateFileA
GetVersion
IsBadCodePtr
IsBadWritePtr
GetFileAttributesA
CreateDirectoryA
OutputDebugStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCommandLineA
SetErrorMode
GetModuleHandleA
GetModuleFileNameA
GetCurrentThread
GetTickCount
GetUserDefaultLangID
SetFileAttributesA
DeleteFileA
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
SetFilePointer
WriteFile
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetStartupInfoA
GlobalAlloc
GlobalFree
GetCurrentDirectoryA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetStdHandle
SetCurrentDirectoryA
SetEnvironmentVariableA
GetLocalTime
GetTimeZoneInformation
RtlUnwind
FindNextFileA
GetEnvironmentStrings
FreeEnvironmentStringsA

user32

SetWindowTextA
MessageBoxA
ShowCursor
ClientToScreen
SetCursorPos
LoadCursorA
RegisterClassA
FindWindowA
SetForegroundWindow
AdjustWindowRect
CreateWindowExA
GetWindowRect
SetWindowPos
SendMessageA
ShowWindow
GetDlgItem
SetFocus
EndDialog
SetCursor
ReleaseCapture
GetWindowPlacement
SetCapture
DefWindowProcA
KillTimer
ClipCursor
PostQuitMessage
GetSystemMetrics
DialogBoxParamA
GetClientRect
UpdateWindow
SystemParametersInfoA
DestroyWindow
SetWindowLongA
PeekMessageA
TranslateMessage
DispatchMessageA
WaitMessage
MapVirtualKeyA
AdjustWindowRectEx
GetMenu
GetWindowLongA
IsIconic

winmm

timeGetTime

binkw32

_BinkCopyToBufferRect@44
_BinkWait@4
_BinkDoFrame@4
_BinkNextFrame@4
_BinkOpen@8
_BinkBufferOpen@16
_BinkSetVolume@12
_BinkOpenMiles@4
_BinkSetSoundSystem@8

d3d8

Direct3DCreate8

mss32

_AIL_enumerate_3D_providers@12
_AIL_release_3D_sample_handle@4
_AIL_close_3D_provider@4
_AIL_set_3D_provider_preference@12
_AIL_open_3D_provider@4
_AIL_3D_room_type@4
_AIL_set_3D_room_type@8
_AIL_3D_provider_attribute@12
_AIL_allocate_3D_sample_handle@4
_AIL_set_3D_sample_effects_level@8
_AIL_set_redist_directory@4
_AIL_startup@0
_AIL_set_preference@8
_AIL_open_digital_driver@16
_AIL_set_3D_sample_info@8
_AIL_set_3D_sample_loop_count@8
_AIL_close_digital_driver@4
_AIL_shutdown@0
_AIL_set_3D_sample_volume@8
_AIL_set_3D_position@16
_AIL_set_3D_sample_distances@12
_AIL_set_3D_sample_playback_rate@8
_AIL_set_3D_sample_loop_block@12
_AIL_3D_sample_status@4
_AIL_start_3D_sample@4
_AIL_end_3D_sample@4
_AIL_stop_3D_sample@4
_AIL_3D_sample_offset@4
_AIL_3D_sample_length@4
_AIL_resume_3D_sample@4
_AIL_set_3D_sample_occlusion@8
_AIL_process_digital_audio@24
_AIL_ms_count@0

gdi32

SetBkColor
BitBlt
StretchBlt
CreateBitmap
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits
SetStretchBltMode
RectVisible
DeleteObject
DeleteDC

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_rwcseg
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT_HA
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_rwdseg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 45KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xxxxx
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.prus
Size: 805KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.izbf
Size: 1004KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb3d36ed307637de9b23bc04a208ad2f

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

dinput8

kernel32

user32

winmm

binkw32

d3d8

mss32

gdi32

version

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

_rwcseg Size: 1KB - Virtual size: 1KB

.rdata Size: 47KB - Virtual size: 46KB

.exc Size: 1KB - Virtual size: 1KB

.data Size: 1.4MB - Virtual size: 1.4MB

.CRT Size: 512B - Virtual size: 400B

.asrc Size: 104KB - Virtual size: 104KB

_TEXT_HA Size: 67KB - Virtual size: 66KB

.idata Size: 5KB - Virtual size: 4KB

_rwdseg Size: 512B - Virtual size: 8B

.bss Size: - Virtual size: 45KB

.xxxxx Size: 150KB - Virtual size: 149KB

.prus Size: 805KB - Virtual size: 808KB

.izbf Size: 1004KB - Virtual size: 1004KB

.idata Size: 7KB - Virtual size: 7KB

.text
Size: 2.4MB - Virtual size: 2.4MB

_rwcseg
Size: 1KB - Virtual size: 1KB

.rdata
Size: 47KB - Virtual size: 46KB

.exc
Size: 1KB - Virtual size: 1KB

.data
Size: 1.4MB - Virtual size: 1.4MB

.CRT
Size: 512B - Virtual size: 400B

.asrc
Size: 104KB - Virtual size: 104KB

_TEXT_HA
Size: 67KB - Virtual size: 66KB

.idata
Size: 5KB - Virtual size: 4KB

_rwdseg
Size: 512B - Virtual size: 8B

.bss
Size: - Virtual size: 45KB

.xxxxx
Size: 150KB - Virtual size: 149KB

.prus
Size: 805KB - Virtual size: 808KB

.izbf
Size: 1004KB - Virtual size: 1004KB

.idata
Size: 7KB - Virtual size: 7KB