PDB path recorded in the sample (listed under "PDB Paths" in the static analysis below): C:\Users\build\AppData\Local\Temp\factorio-build-YrSvNh\bin\FinalSteamReleasex64vs2017\factorio.pdb
Static task
static1
Behavioral task
behavioral1
Sample
factorio.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
factorio.exe
Resource
win10v2004-20231215-en
General
-
Target
factorio.exe
-
Size
30.8MB
-
MD5
52c57791ab6725c6d874d3f8f7eed61f
-
SHA1
a5674dfe245b882d7db6472549b0d13f1b1e354b
-
SHA256
526625415d926f6238e4395f0392738f3a17cd215c3b59d369bc9233b1e8a269
-
SHA512
bcb4ec6e2cac3c85c0adb45fe6133648de7ea76a0444e2162ba8a2a26453f3547a48b0987a55d1d5d1c2c6ec4cf5b8f0f357dc024d4c4da16a0d080c67b614cd
-
SSDEEP
393216:XnERkzr6bS9p3epCw1e1PWPrhUSxVgbF9fX/g:zz++IpjaWPrhUSsL/g
Malware Config
Signatures
-
Unsigned PE 1 IoCs
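Checks for a missing Authenticode signature: no embedded signature was found in the PE, so the publisher and file integrity cannot be verified that way. This is a triage indicator rather than evidence of malicious behaviour; compare the hashes above against a known-good copy from the vendor.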
resource factorio.exe
Files
-
factorio.exe.exe windows:6 windows x64 arch:x64
ace048ab4922af57ca81336f0184e1bb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
steam_api64
SteamInternal_ContextInit
SteamAPI_RunCallbacks
SteamInternal_FindOrCreateUserInterface
SteamAPI_UnregisterCallResult
SteamAPI_Init
SteamAPI_RestartAppIfNecessary
SteamAPI_RegisterCallback
SteamAPI_RegisterCallResult
SteamAPI_GetHSteamUser
SteamAPI_Shutdown
SteamAPI_UnregisterCallback
dnsapi
DnsFree
DnsQuery_UTF8
wldap32
ord200
ord79
ord33
ord41
ord27
ord30
ord22
ord211
ord301
ord45
ord26
ord217
ord60
ord143
ord50
ord32
ord35
ord46
gdi32
DeleteObject
CreateFontIndirectW
DeleteDC
GetTextMetricsW
CreateCompatibleDC
GetTextExtentPoint32A
GetDeviceGammaRamp
CreateDCW
SetDeviceGammaRamp
GetICMProfileW
CreateBitmap
CreateDIBSection
CombineRgn
CreateRectRgn
GetDIBits
CreateCompatibleBitmap
SetPixelFormat
GetPixelFormat
SwapBuffers
ChoosePixelFormat
DescribePixelFormat
BitBlt
StretchDIBits
SetPixel
GetRegionData
SetDCBrushColor
SelectObject
GetStockObject
GetDeviceCaps
Rectangle
CreateSolidBrush
ole32
CoSetProxyBlanket
PropVariantClear
CLSIDFromString
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoTaskMemFree
CoInitialize
winmm
timeGetTime
timeBeginPeriod
timeEndPeriod
psapi
GetModuleInformation
GetModuleFileNameExW
EnumProcessModules
GetPerformanceInfo
GetProcessMemoryInfo
GetModuleFileNameExA
gdiplus
GdipSaveImageToStream
GdipGetImageWidth
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipFree
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipGetImageEncoders
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
shell32
SHOpenFolderAndSelectItems
ShellExecuteW
SHGetFolderPathW
ord155
ShellExecuteA
ord190
DragQueryFileW
DragFinish
DragAcceptFiles
ExtractIconExW
shlwapi
PathFindOnPathA
ord12
user32
GetWindowTextLengthW
GetFocus
SetWindowPos
MonitorFromRect
SetActiveWindow
SendMessageW
RemovePropW
SetWindowTextW
ShowWindow
GetMonitorInfoW
RegisterClassW
AttachThreadInput
CreateIconFromResource
UnhookWindowsHookEx
SetLayeredWindowAttributes
IntersectRect
SetPropW
SetWindowsHookExW
FlashWindowEx
SetWindowLongW
GetParent
PtInRect
SetForegroundWindow
GetWindowTextW
RegisterRawInputDevices
GetRawInputDeviceInfoA
GetRawInputDeviceList
DestroyWindow
CreateWindowExW
RegisterDeviceNotificationW
PostThreadMessageW
UnregisterDeviceNotification
GetDesktopWindow
SetWindowLongPtrW
EndDialog
GetWindowLongPtrW
DialogBoxIndirectParamW
SetFocus
SystemParametersInfoA
GetDlgItem
DrawTextW
SystemParametersInfoW
ReleaseDC
GetDoubleClickTime
MapVirtualKeyW
GetWindowThreadProcessId
ToUnicode
RegisterWindowMessageA
GetWindowLongW
GetMessageW
DefWindowProcW
AdjustWindowRectEx
GetKeyState
GetMessageExtraInfo
CallWindowProcW
PostMessageW
GetWindowRect
GetMenu
GetDC
GetPropW
FillRect
ScreenToClient
CallNextHookEx
GetSystemMetrics
UnregisterClassW
RegisterClassExW
GetAsyncKeyState
DispatchMessageW
SetTimer
DestroyIcon
ClientToScreen
PeekMessageW
GetRawInputData
ValidateRect
TrackMouseEvent
GetClipCursor
IsRectEmpty
GetUpdateRect
TranslateMessage
LoadIconW
ClipCursor
SetCursor
GetClientRect
KillTimer
GetClassInfoExW
InvalidateRect
IsIconic
GetCursorPos
GetClipboardData
SetCursorPos
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
EnumDisplayDevicesA
MessageBoxW
MonitorFromWindow
EnumDisplayMonitors
MapVirtualKeyA
MessageBoxA
GetMonitorInfoA
EnumDisplaySettingsA
GetForegroundWindow
ChangeWindowMessageFilter
UnregisterClassA
RegisterWindowMessageW
ReleaseCapture
SetCapture
LoadCursorW
CreateIconIndirect
CopyImage
SetWindowRgn
EnumDisplaySettingsW
EnumDisplayDevicesW
MonitorFromPoint
ChangeDisplaySettingsExW
GetClipboardSequenceNumber
RegisterClassExA
CreateWindowExA
LoadCursorA
EndPaint
BeginPaint
GetWindowInfo
GetCapture
GetUpdateRgn
GetKeyboardState
imm32
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW
ImmAssociateContext
oleaut32
VariantClear
SysAllocString
VariantInit
SysFreeString
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
kernel32
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
InitializeSListHead
GetThreadTimes
FreeLibraryAndExitThread
VirtualAlloc
RegisterWaitForSingleObject
VirtualFree
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwindEx
SetConsoleCtrlHandler
ExitThread
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDriveTypeW
SetEnvironmentVariableW
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
VirtualProtect
UnregisterWait
GetCommandLineW
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
HeapReAlloc
GetTimeZoneInformation
SetStdHandle
HeapSize
IsValidCodePage
GetACP
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
GetStringTypeW
QueueUserWorkItem
IsProcessorFeaturePresent
GetNativeSystemInfo
GetExitCodeThread
SwitchToThread
DuplicateHandle
EncodePointer
RtlPcToFileHeader
MoveFileExW
CopyFileW
CreateDirectoryExW
AreFileApisANSI
SetFileAttributesW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
ReadProcessMemory
GetThreadContext
GetVersionExA
GetFileAttributesA
ResumeThread
GetCurrentDirectoryA
SuspendThread
RtlCaptureContext
MoveFileExA
PeekNamedPipe
GetSystemDirectoryA
VerifyVersionInfoA
SleepEx
SetLastError
FormatMessageA
OutputDebugStringA
CreateEventA
CreateWaitableTimerA
SetEvent
WaitForMultipleObjects
SetWaitableTimer
CreateSemaphoreA
InitializeCriticalSection
GetCommandLineA
GetTempPathW
GetModuleFileNameA
GetOverlappedResult
ResetEvent
DeviceIoControl
CancelIo
TlsGetValue
TlsAlloc
TlsSetValue
CreateSemaphoreW
ReleaseSemaphore
GetSystemPowerStatus
GetModuleHandleExW
CreateFileA
CreateEventW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
TryEnterCriticalSection
CreateThread
WaitForSingleObjectEx
SetThreadPriority
LoadLibraryW
LoadLibraryExW
QueryPerformanceCounter
OutputDebugStringW
ExitProcess
MulDiv
GetTickCount
SetFilePointerEx
SetFilePointer
SetErrorMode
WriteFile
GetFileSizeEx
ReadFile
SetEnvironmentVariableA
GetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
SetUnhandledExceptionFilter
IsDebuggerPresent
OpenThread
AllocConsole
WriteConsoleInputA
GetFileType
SetConsoleOutputCP
VerifyVersionInfoW
FreeLibrary
GetModuleHandleW
SetThreadExecutionState
GlobalMemoryStatusEx
GetProcessHeap
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEndOfFile
WriteConsoleW
FindFirstChangeNotificationW
GetCurrentProcessId
VerSetConditionMask
DeleteCriticalSection
LocalFree
GetProcAddress
UnlockFile
DecodePointer
FindNextChangeNotification
RaiseException
CloseHandle
Process32Next
DeleteFileW
QueryPerformanceFrequency
LoadLibraryA
Process32First
GetConsoleScreenBufferInfo
SetConsoleActiveScreenBuffer
GetCurrentProcess
SetConsoleScreenBufferSize
GetStdHandle
TerminateProcess
GetModuleFileNameW
LockFile
CreateConsoleScreenBuffer
InitializeCriticalSectionEx
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
HeapValidate
GetModuleHandleA
RtlUnwind
OpenProcess
CreateToolhelp32Snapshot
Sleep
GetModuleHandleExA
FormatMessageW
GetLastError
AttachConsole
GetFileAttributesExW
GetCurrentThread
FindCloseChangeNotification
advapi32
CryptHashData
GetUserNameA
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptGenRandom
CryptAcquireContextA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
iphlpapi
GetIpAddrTable
ws2_32
WSAIoctl
WSASetLastError
htons
ioctlsocket
gethostname
ntohl
ntohs
socket
send
connect
WSAAddressToStringW
recvfrom
recv
getsockname
getsockopt
WSACleanup
__WSAFDIsSet
accept
bind
closesocket
select
listen
htonl
getpeername
freeaddrinfo
sendto
setsockopt
WSAGetLastError
WSAStartup
getaddrinfo
crypt32
CertAddCertificateContextToStore
CertFindExtension
CryptQueryObject
CertCreateCertificateChainEngine
CertGetNameStringW
CryptVerifyMessageSignature
CertFreeCertificateChain
CertGetNameStringA
CertGetCertificateChain
CertFreeCertificateContext
PFXImportCertStore
CertFreeCertificateChainEngine
CryptStringToBinaryA
CertEnumCertificatesInStore
CertCloseStore
CertFindCertificateInStore
CertOpenStore
CryptDecodeObjectEx
dsound
ord12
ord11
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
wintrust
WinVerifyTrust
imagehlp
ImageGetCertificateHeader
ImageEnumerateCertificates
ImageGetCertificateData
Exports
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_buffinitsize
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_checkunsigned
luaL_checkversion_
luaL_error
luaL_execresult
luaL_fileresult
luaL_getmetafield
luaL_getsubtable
luaL_gsub
luaL_len
luaL_loadbufferx
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlib
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_optunsigned
luaL_prepbuffsize
luaL_pushmodule
luaL_pushresult
luaL_pushresultsize
luaL_ref
luaL_requiref
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_tolstring
luaL_traceback
luaL_unref
luaL_where
lua_absindex
lua_arith
lua_atpanic
lua_callk
lua_checkstack
lua_close
lua_compare
lua_concat
lua_copy
lua_createtable
lua_dump
lua_error
lua_gc
lua_getallocf
lua_getctx
lua_getfield
lua_getglobal
lua_gethook
lua_gethookcount
lua_gethookmask
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_getuservalue
lua_insert
lua_iscfunction
lua_isnumberorstringconvertabletonumber
lua_isstringornumberconvertabletostring
lua_isuserdata
lua_len
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_pcallk
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushunsigned
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawgetp
lua_rawlen
lua_rawset
lua_rawseti
lua_rawsetp
lua_remove
lua_replace
lua_setallocf
lua_setfield
lua_setglobal
lua_sethook
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_setuservalue
lua_status
lua_toboolean
lua_tocfunction
lua_tointegerx
lua_tolstring
lua_tonumberx
lua_topointer
lua_tothread
lua_tounsignedx
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_xmove
Sections
.text Size: 21.0MB - Virtual size: 21.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7.8MB - Virtual size: 7.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 728KB - Virtual size: 938KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 806KB - Virtual size: 805KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gehcont Size: 512B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 451KB - Virtual size: 451KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ