MimiTaya[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

MimiTaya.exe
Size

4.4MB
MD5

9a06865eed96cc52dc4fbdac2601d414
SHA1

2f7545bcf058941be8fe26e49ef9093421b19746
SHA256

e70ed7b15340d74f352c79f9abbd1614617a31509730a8291fc0f9a05307313c
SHA512

99df3e9ffa0a65f67a4dfc49b94560cdb6a957c0257f7197e04acfe15bcb8b18d95c6931b52ee8c3a14b32a50869ebcb4bb9f0fc040fd1196aa3087bd32c4d13
SSDEEP

98304:dtcQKTOUAl9uQ85nIOzEdLmyir82+04t9NW:QICk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MimiTaya.exe

Files

MimiTaya.exe
.exe windows:6 windows x64 arch:x64

682206541496321332cbaebd39fa5c1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\MimiTaya\MimiTaya\build\x86_64-pc-windows-msvc\release\deps\MimiTaya.pdb

Imports

bcrypt

BCryptGenRandom

advapi32

SystemFunction036

kernel32

HeapAlloc
FreeLibrary
GetProcAddress
LoadLibraryExA
HeapFree
GetProcessHeap
lstrlenW
LoadLibraryW
RtlVirtualUnwind
GetModuleHandleW
LoadLibraryExW
GetModuleFileNameW
SetThreadErrorMode
CreateFileW
WriteFile
ReadFile
GetOverlappedResult
WaitForSingleObject
CreateNamedPipeW
CreateEventW
CancelIoEx
SetNamedPipeHandleState
WaitNamedPipeW
AcquireSRWLockShared
ReleaseSRWLockShared
GetCurrentThreadId
TryAcquireSRWLockExclusive
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualQueryEx
Module32NextW
FormatMessageW
ReadProcessMemory
LoadLibraryA
OpenProcess
CreateMutexA
WaitForSingleObjectEx
GetSystemTimeAsFileTime
Process32NextW
GetCurrentThread
CreateThread
WriteConsoleW
MultiByteToWideChar
CreateToolhelp32Snapshot
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CloseHandle
GetLastError
UpdateProcThreadAttribute
Sleep
GetModuleHandleA
InitializeProcThreadAttributeList
GetFileAttributesW
FreeEnvironmentStringsW
DeleteProcThreadAttributeList
CompareStringOrdinal
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetCurrentProcess
CreateProcessW
DuplicateHandle
SetFilePointerEx
GetWindowsDirectoryW
GetSystemDirectoryW
ReadFileEx
GetFullPathNameW
ExitProcess
GetConsoleMode
GetStdHandle
GetCurrentProcessId
SetHandleInformation
WriteFileEx
SleepEx
GetExitCodeProcess
TerminateProcess
QueryPerformanceFrequency
HeapReAlloc
ReleaseMutex
FindNextFileW
FindClose
GetFileInformationByHandle
GetFileInformationByHandleEx
CreateDirectoryW
FindFirstFileW
DeleteFileW
IsProcessorFeaturePresent

user32

ChangeDisplaySettingsExW
PeekMessageW
GetWindowPlacement
SetWindowPos
SystemParametersInfoA
IsProcessDPIAware
SetWindowPlacement
SetForegroundWindow
GetWindowRect
InvalidateRgn
ClientToScreen
GetDC
SendInput
RegisterClassExW
ShowCursor
CreateWindowExW
ClipCursor
RedrawWindow
GetActiveWindow
AdjustWindowRectEx
GetMenu
PostMessageW
ShowWindow
SetWindowLongW
SendMessageW
DestroyIcon
GetRawInputData
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
ReleaseCapture
SetCapture
SetClassLongPtrW
MsgWaitForMultipleObjectsEx
MessageBoxW
RegisterRawInputDevices
GetSystemMetrics
RegisterTouchWindow
DefWindowProcW
SetWindowLongPtrW
GetClassInfoExW
GetClassNameW
GetClientRect
GetWindowLongPtrW
PostThreadMessageW
CallNextHookEx
SetWindowsHookExW
MapVirtualKeyW
GetKeyState
DispatchMessageW
TranslateMessage
SetWindowDisplayAffinity
GetMessageW
MapVirtualKeyA
GetClipCursor
GetForegroundWindow
DestroyWindow
FindWindowW
SetCursorPos
GetMonitorInfoW
MonitorFromWindow
SetCursor
LoadCursorW
MonitorFromRect
CloseTouchInputHandle
GetTouchInputInfo
TrackMouseEvent
ScreenToClient
GetCursorPos
GetUpdateRect
ValidateRect
GetWindowLongW
RegisterWindowMessageA
IsWindow

opengl32

wglGetCurrentDC
wglGetCurrentContext
wglGetProcAddress
wglDeleteContext
wglMakeCurrent
wglShareLists
wglCreateContext

gdi32

DeleteObject
SetPixelFormat
SwapBuffers
GetPixelFormat
CreateRectRgn
ChoosePixelFormat
DescribePixelFormat
GetDeviceCaps

ole32

CoTaskMemFree
RegisterDragDrop
RevokeDragDrop
OleInitialize
CoUninitialize
CoCreateInstance
CoInitializeEx

dwmapi

DwmEnableBlurBehindWindow

ws2_32

getaddrinfo
closesocket
accept
WSASocketW
getsockname
listen
bind
WSAStartup
WSACleanup
freeaddrinfo
WSAGetLastError
setsockopt
getsockopt
recv
WSARecv
select
connect
WSASend
send
WSADuplicateSocketW
getpeername
ioctlsocket

shell32

DragQueryFileW
SHGetKnownFolderPath
DragFinish

oleaut32

SysStringLen
SysFreeString
GetErrorInfo

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod

uxtheme

SetWindowTheme

imm32

ImmAssociateContextEx
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext

ntdll

RtlNtStatusToDosError
NtWriteFile
NtReadFile

vcruntime140

memchr
_CxxThrowException
__C_specific_handler
memset
strstr
__current_exception_context
__current_exception
memcpy
__CxxFrameHandler3
memcmp
memmove

api-ms-win-crt-math-l1-1-0

powf
floorf
atan2f
sinf
acosf
ceilf
fmodf
log
logf
pow
sqrtf
round
tanf
atanf
floor
trunc
truncf
cosf
__setusermatherr

api-ms-win-crt-string-l1-1-0

strcmp
strncpy
strncmp
strlen

api-ms-win-crt-runtime-l1-1-0

_exit
exit
_initterm_e
_initterm
terminate
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__p___argc
_crt_atexit
_wassert
_set_app_type
_seh_filter_exe
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_cexit
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-stdio-l1-1-0

fclose
fread
_set_fmode
__acrt_iob_func
__stdio_common_vsscanf
__stdio_common_vsprintf
fflush
__stdio_common_vfprintf
fwrite
ftell
fopen
fseek
__p__commode

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
malloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

682206541496321332cbaebd39fa5c1c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bcrypt

advapi32

kernel32

user32

opengl32

gdi32

ole32

dwmapi

ws2_32

shell32

oleaut32

winmm

uxtheme

imm32

ntdll

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 3KB - Virtual size: 57KB

.pdata Size: 108KB - Virtual size: 107KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 3KB - Virtual size: 57KB

.pdata
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 12KB