Imouto Fantasy[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Imouto Fantasy.exe
Size

7.0MB
MD5

a2e950389e286ea09173e9e6788a79d8
SHA1

b944e800fff7543045ccb5f3c9f6e1ab28dd3e5d
SHA256

d31908c312080a95a09d2f6757732f04eb92d53f38c66156f902e00bb8026a52
SHA512

ebb63cb71d0d6a9252f172ddca706dc897016f17ab6fe0f13d879d691a5ca372744ed384d0e171b89a21cdb85b61328751d8d9b1e7669eec25b12911483bf8f4
SSDEEP

196608:Af0dDYGy7mVeq7sQ6wTxyGKr2U2vmHshZOF3S+VWBnQ7sn+iEH:nxdeq3GVWBnQ7snYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Imouto Fantasy.exe

Files

Imouto Fantasy.exe
.exe windows:6 windows x86 arch:x86

97f6b833efda8bf7e70d64fcf029954f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryW
PathFileExistsW
PathIsDirectoryA

psapi

GetProcessMemoryInfo

kernel32

FindNextFileA
FindClose
GetCurrentDirectoryA
GetACP
SetCurrentDirectoryA
GetFileAttributesA
CreateFileA
CloseHandle
CreateDirectoryA
GetTickCount
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
CreateDirectoryW
GetModuleFileNameA
FindFirstFileW
FindNextFileW
WriteFile
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetLocaleInfoA
OpenProcess
GetExitCodeThread
Sleep
CopyFileA
GetLastError
GetVersionExA
DeleteFileA
GlobalAlloc
GetCurrentDirectoryW
DecodePointer
SetCurrentDirectoryW
GlobalLock
RemoveDirectoryA
GetCurrentProcessId
GlobalMemoryStatusEx
CopyFileW
WideCharToMultiByte
GetDiskFreeSpaceExA
TlsFree
FlushFileBuffers
TlsGetValue
WriteConsoleW
SetEndOfFile
HeapSize
HeapReAlloc
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetFileAttributesExW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FindFirstFileA
MultiByteToWideChar
DeleteCriticalSection
TlsSetValue
TlsAlloc
SetLastError
HeapAlloc
HeapFree
GetStdHandle
MoveFileExW
FreeLibraryAndExitThread
LoadLibraryExW
GetModuleHandleExW
GlobalUnlock
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
InitializeCriticalSectionEx
EncodePointer
LocalFree
LCMapStringEx
GetStringTypeW
GetCPInfo
LoadLibraryA
CreateFileW
ReadFile
LocalAlloc
ExitProcess
OutputDebugStringW
RaiseException
RtlUnwind
DeleteFileW

user32

GetAsyncKeyState
GetFocus
ReleaseDC
IsClipboardFormatAvailable
GetDlgItem
CreateDialogParamA
SetClipboardData
SendMessageA
ClipCursor
MonitorFromPoint
GetWindowRect
DestroyWindow
GetDC
SetWindowPos
MessageBoxW
EnumDisplayMonitors
GetSystemMetrics
GetScrollPos
ShowWindow
SendDlgItemMessageA
OpenClipboard
ClientToScreen
CloseClipboard
EmptyClipboard
MessageBoxA
GetMonitorInfoA
SetFocus
GetClipboardData
GetCursorPos

gdi32

RemoveFontResourceExA
GetDeviceCaps
AddFontResourceExW

shell32

ShellExecuteA
ShellExecuteW

wininet

HttpQueryInfoA
HttpOpenRequestA
InternetCrackUrlA
InternetOpenA
InternetCloseHandle
HttpSendRequestA
InternetConnectA
InternetReadFile

crypt32

CryptBinaryToStringA

advapi32

RegCloseKey

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 687KB - Virtual size: 687KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.0MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97f6b833efda8bf7e70d64fcf029954f

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

psapi

kernel32

user32

gdi32

shell32

wininet

crypt32

advapi32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.rdata Size: 687KB - Virtual size: 687KB

.data Size: 2.0MB - Virtual size: 9.0MB

_RDATA Size: 136KB - Virtual size: 136KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 164KB - Virtual size: 164KB

.text
Size: 4.0MB - Virtual size: 4.0MB

.rdata
Size: 687KB - Virtual size: 687KB

.data
Size: 2.0MB - Virtual size: 9.0MB

_RDATA
Size: 136KB - Virtual size: 136KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 164KB - Virtual size: 164KB