AEPixelSorter[.]aex

Sharing

Copy URL Twitter E-mail

General

Target

AEPixelSorter.aex
Size

650KB
MD5

072cb7685892c4c54fd4192fcdc5f46a
SHA1

24701cb00ad84d7b52d4a25e76ea60672e935a5e
SHA256

1c999f3e1b36fce309330e80f0a0466aa114f43a501090a69d3024976b2a452a
SHA512

1df20f131c4db2fbe463886b611b7f14518be8ef6201436127a163a218d85f6ffb057462bb72caadc6b2140f9bae0b54d88eb6f3138a4b1cb637142fe736a0ef
SSDEEP

6144:4PihMlFNZrBCCMIPOyxPdNB46aLmoTufrE0xtsH9PXzj3WniWOyCOGRxVdha74Qf:iiGvHMIPOgdNB46aLdhet/yNc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AEPixelSorter.aex

Files

AEPixelSorter.aex
.dll windows:6 windows x64 arch:x64

db1c8d467e690a347d1ee9984e062667

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

LoadIconA
LoadCursorA
GetDesktopWindow
SetWindowLongA
GetWindowLongA
GetWindowRect
SetWindowTextA
EnableWindow
SetFocus
SetWindowPos
ShowWindow
CreateWindowExA
RegisterClassExA
UnregisterClassA
DefWindowProcA
PostMessageA
SendMessageA
DispatchMessageA
TranslateMessage
GetMessageA

gdi32

GetStockObject

shell32

SHGetFolderPathA
ShellExecuteA

iphlpapi

GetAdaptersInfo

kernel32

VirtualQuery
ReadConsoleW
SetStdHandle
FreeLibrary
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
CreateFileW
CloseHandle
CreateDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetEndOfFile
GetProcessHeap
HeapAlloc
GetModuleFileNameA
FlushFileBuffers
TlsAlloc
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
RtlPcToFileHeader
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleFileNameW
GetModuleHandleExW
HeapSize
HeapValidate
GetSystemInfo
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineA
GetCurrentThreadId
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
GetLastError
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
WriteFile
ExitProcess
AreFileApisANSI
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
LoadLibraryExW
GetFileType
OutputDebugStringA
WriteConsoleW
IsValidCodePage
GetACP
GetOEMCP
HeapFree
HeapReAlloc
HeapQueryInformation

Exports

Exports

EntryPointFunc

Sections

.text
Size: 475KB - Virtual size: 474KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db1c8d467e690a347d1ee9984e062667

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

shell32

iphlpapi

kernel32

Exports

Exports

Sections

.text Size: 475KB - Virtual size: 474KB

.rdata Size: 135KB - Virtual size: 135KB

.data Size: 11KB - Virtual size: 21KB

.pdata Size: 23KB - Virtual size: 22KB

.rsrc Size: 1024B - Virtual size: 864B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 475KB - Virtual size: 474KB

.rdata
Size: 135KB - Virtual size: 135KB

.data
Size: 11KB - Virtual size: 21KB

.pdata
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 1024B - Virtual size: 864B

.reloc
Size: 3KB - Virtual size: 3KB