GROW[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GROW.exe
Size

1.2MB
MD5

916abc7b81926f91ec2ab4052bbffeda
SHA1

b0b63e88ed60653e2a4ecbcee85583e80bbe8a95
SHA256

a7526c3dfaff4e72f8f2814eabad965012a592ed74e90688ebdf8085f4f94e38
SHA512

2aa61262c333e73dd0c5fc040655d5cff4689404014fae8d998fc2895d40634d740ffd35db40b448519eb366b33ed04bfdea0812a0b9b8ad4d1efedc5a13e185
SSDEEP

24576:Hn3judXB96Ilm0x07libtvE1XDv3DUUmi0OLZ7dd+xpynuq:H3judHlm0xCgbe1TLUUm+A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GROW.exe

Files

GROW.exe
.exe windows:6 windows x64 arch:x64

Password: Chichi3d

9d0275e5c83c777323460e888057c43b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

sdl2

SDL_GetError
SDL_memcpy
SDL_wcslen
SDL_strlen
SDL_iconv_string
SDL_SetMainReady
SDL_RWFromMem
SDL_free
SDL_GetDisplayBounds
SDL_CreateWindow
SDL_GetWindowFlags
SDL_SetWindowPosition
SDL_GetWindowPosition
SDL_SetWindowSize
SDL_GetWindowSize
SDL_SetWindowMinimumSize
SDL_ShowWindow
SDL_MaximizeWindow
SDL_RestoreWindow
SDL_SetWindowFullscreen
SDL_DestroyWindow
SDL_GL_SetAttribute
SDL_GL_CreateContext
SDL_GetWindowDisplayIndex
SDL_GL_SetSwapInterval
SDL_GL_SwapWindow
SDL_GL_DeleteContext
SDL_GetKeyboardState
SDL_GetModState
SDL_GetMouseState
SDL_Quit
SDL_Init
SDL_GetPerformanceFrequency
SDL_GetPerformanceCounter
SDL_ShowSimpleMessageBox
SDL_GetBasePath
SDL_PollEvent
SDL_GameControllerClose
SDL_GameControllerGetButton
SDL_GameControllerGetAxis
SDL_GameControllerOpen
SDL_IsGameController
SDL_NumJoysticks
SDL_ShowCursor
SDL_GetRelativeMouseState

sdl2_mixer

Mix_Init
Mix_Quit
Mix_OpenAudio
Mix_AllocateChannels
Mix_LoadWAV_RW
Mix_FreeChunk
Mix_FreeMusic
Mix_HookMusicFinished
Mix_PlayChannel
Mix_PlayMusic
Mix_FadeInMusic
Mix_Volume
Mix_VolumeMusic
Mix_HaltMusic
Mix_FadeOutMusic
Mix_PauseMusic
Mix_ResumeMusic
Mix_PlayingMusic
Mix_CloseAudio
Mix_LoadMUS_RW

opengl32

glDeleteTextures
wglGetProcAddress
glViewport
glTexParameteri
glTexImage2D
glScissor
glGetString
glGetIntegerv
glGenTextures
glEnable
glDrawArrays
glDisable
wglGetCurrentDC
glClearColor
glClear
glBlendFunc
glBindTexture

shell32

ShellExecuteA
CommandLineToArgvW

kernel32

RtlCaptureContext
SetEndOfFile
HeapSize
CreateFileW
FlushFileBuffers
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
OutputDebugStringW
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
MultiByteToWideChar
WriteFile
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GetStdHandle
EncodePointer
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
GetLastError
RtlUnwind
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
TerminateProcess
CreateFileA
GetFileAttributesA
GetFileSizeEx
ReadFile
CloseHandle
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
LocalFree
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess

Sections

.text
Size: 824KB - Virtual size: 823KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: Chichi3d

9d0275e5c83c777323460e888057c43b

Headers

DLL Characteristics

File Characteristics

Imports

sdl2

sdl2_mixer

opengl32

shell32

kernel32

Sections

.text Size: 824KB - Virtual size: 823KB

.rdata Size: 334KB - Virtual size: 334KB

.data Size: 16KB - Virtual size: 48KB

.pdata Size: 38KB - Virtual size: 37KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 44KB - Virtual size: 44KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 824KB - Virtual size: 823KB

.rdata
Size: 334KB - Virtual size: 334KB

.data
Size: 16KB - Virtual size: 48KB

.pdata
Size: 38KB - Virtual size: 37KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 44KB - Virtual size: 44KB

.reloc
Size: 8KB - Virtual size: 7KB