Static task
static1
General
Target: ModUploader.exe
Size: 9.9MB
MD5: b4d5c7daa66fed38bc1d321dd3467ef4
SHA1: da47e581e4c3d73ad5bc115eb048eb7846088307
SHA256: 578d5b4e8798fbebb944b489abb8b10ebe4dd82e3d6c419b9c70dfc7dcbe956a
SHA512: 896fbb3b77af092d0857760a5378fec27b27f8cef50da35cb4659814880d5184a7cfe9b364f2ecd853b923a85105f818a413b734df24208b75b648a72a141de4
SSDEEP: 196608:xxh+J6uwW4XpUoGSJsv6tWKFdu9CyzpP:3h+g1p3Jsv6tWKFdu9Cy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ModUploader.exe
Files
ModUploader.exe.exe windows:6 windows x86 arch:x86
3003bc4a210d005523fdd1d1f32938f4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
steam_api
SteamInternal_CreateInterface
SteamInternal_ContextInit
SteamAPI_GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamAPI_RunCallbacks
SteamAPI_Shutdown
SteamAPI_Init
gdi32
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
CreateBitmap
GetDIBits
CombineRgn
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
SelectObject
ole32
CoUninitialize
StringFromGUID2
CoTaskMemAlloc
CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
imm32
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetVirtualKey
ImmSetCandidateWindow
ImmNotifyIME
ImmGetDefaultIMEWnd
ImmGetContext
winmm
PlaySoundW
oleaut32
SysAllocStringLen
SysFreeString
SysStringLen
VariantInit
VariantChangeType
SystemTimeToVariantTime
SysAllocString
shell32
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
SHGetFileInfoW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHBrowseForFolderW
user32
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongW
MapVirtualKeyW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
RealGetWindowClassW
EnumWindows
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
GetMenu
TrackPopupMenuEx
GetWindowTextW
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
RegisterClassW
SetMenuItemInfoW
NotifyWinEvent
SetCursorPos
GetCursor
GetWindowLongW
LoadCursorW
GetDC
ReleaseDC
GetSystemMenu
EnableMenuItem
GetSystemMetrics
GetSysColor
SystemParametersInfoW
DefWindowProcW
DestroyWindow
SetWindowRgn
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
GetDesktopWindow
SendMessageW
PostMessageW
AttachThreadInput
CreateWindowExW
IsChild
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
iphlpapi
GetAdaptersInfo
GetAdaptersAddresses
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
kernel32
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFileAttributesW
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
SetLastError
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
RaiseException
EncodePointer
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapFree
ReleaseMutex
HeapAlloc
DecodePointer
EnumSystemLocalesW
HeapReAlloc
GetStringTypeW
GetCPInfo
WriteConsoleW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
SetEnvironmentVariableA
GetExitCodeProcess
GetUserGeoID
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
FindNextFileW
MoveFileExW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WriteFile
SetFilePointerEx
SetEndOfFile
ReadFile
GetFileType
FlushFileBuffers
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
GetTempPathW
RemoveDirectoryW
GetLogicalDrives
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
GetModuleFileNameW
GetStartupInfoW
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
GetCurrentProcess
Sleep
WaitForSingleObject
DuplicateHandle
GetSystemDirectoryW
LCMapStringW
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObjectEx
SetEvent
OutputDebugStringW
GetCommandLineW
GetLocalTime
GetSystemTime
GetUserDefaultLCID
CompareStringW
SetHandleInformation
GetModuleFileNameA
GetStdHandle
FindFirstFileExW
GetACP
FreeEnvironmentStringsW
GetProcessHeap
CreateMutexW
ExpandEnvironmentStringsW
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
GetProcAddress
lstrcmpW
GetLastError
GetCurrentThreadId
GetModuleHandleW
LocalFree
FormatMessageW
IsValidLanguageGroup
IsValidLocale
SetErrorMode
HeapSize
CloseHandle
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId
GetConsoleWindow
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateFileW
DeviceIoControl
LoadLibraryW
CreateEventW
WaitForMultipleObjects
ws2_32
WSACleanup
WSAStartup
gethostname
gethostbyname
gethostbyaddr
inet_addr
WSASocketW
WSASendTo
WSASend
WSARecvFrom
WSARecv
WSANtohs
WSANtohl
WSAIoctl
WSAAsyncSelect
WSAConnect
WSAAccept
WSAGetLastError
setsockopt
select
ntohl
listen
htons
getsockname
getpeername
closesocket
bind
__WSAFDIsSet
getsockopt
WSAHtonl
htonl
Sections
.text Size: 6.7MB - Virtual size: 6.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 105KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qtmetad Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 13B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 332B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 304B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 736B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 223KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ