C:\tmp\factorio-build-ATpsje\bin\FinalReleasex64vs2017\factorio.pdb
Static task: static1
Behavioral task: behavioral1
Sample: factorio.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: factorio.exe
Resource: win10v2004-20240226-en
General
Target: factorio.exe
Size: 29.9MB
MD5: b2d94763dfd2ac5423097a4bae50f4da
SHA1: 6d264ec1ed59b6ad2b57f5befbd19e4b514efa9f
SHA256: de64e06f1619680722464cd5e9daa2f4107fbd3070d575aca4f529ca0a9662cd
SHA512: f4f2f7ac2ade7e477118173fe8b6f178ecfe2531ea728841cc61349ed63d4c46efa889145af003b35f593d3bb1adec60bde2e69b009fefdd0e8a20ffa3cc4d77
SSDEEP: 393216:65gFFYdwJU9k0+pxmmagqUu9Qc99vX+Y:UUUgXaQ0b
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource factorio.exe
Files
factorio.exe.exe windows:6 windows x64 arch:x64
d3d3ce3f0532f278edc41aa41d9d219b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
dnsapi
DnsFree
DnsQuery_UTF8
wldap32
ord35
ord30
ord50
ord32
ord60
ord217
ord41
ord33
ord143
ord26
ord301
ord22
ord46
ord45
ord79
ord200
ord27
ord211
gdi32
CreateRectRgn
GetDIBits
CreateCompatibleBitmap
SetPixelFormat
GetPixelFormat
SwapBuffers
ChoosePixelFormat
DescribePixelFormat
BitBlt
StretchDIBits
SetPixel
GetRegionData
SetDCBrushColor
CreateDIBSection
DeleteObject
CreateBitmap
Rectangle
SetDeviceGammaRamp
GetDeviceGammaRamp
GetTextExtentPoint32A
CreateCompatibleDC
GetTextMetricsW
CreateFontIndirectW
GetICMProfileW
CreateDCW
DeleteDC
SelectObject
GetStockObject
GetDeviceCaps
CombineRgn
ole32
PropVariantClear
CoSetProxyBlanket
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitializeEx
CoInitialize
winmm
timeBeginPeriod
timeGetTime
timeEndPeriod
psapi
EnumProcessModules
GetPerformanceInfo
GetProcessMemoryInfo
GetModuleInformation
GetModuleFileNameExW
GetModuleFileNameExA
gdiplus
GdipGetImageWidth
GdipSaveImageToStream
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipGetImageEncoders
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipFree
GdipDisposeImage
GdipCreateBitmapFromScan0
shell32
ord190
ShellExecuteExW
DragFinish
ord155
SHGetFolderPathW
SHOpenFolderAndSelectItems
ShellExecuteW
DragQueryFileW
ExtractIconExW
DragAcceptFiles
ShellExecuteA
shlwapi
PathFindOnPathA
ord12
user32
DestroyWindow
SetWindowPos
SetActiveWindow
CreateWindowExW
SendMessageW
RemovePropW
SetWindowTextW
ShowWindow
RegisterClassW
AttachThreadInput
CreateIconFromResource
UnhookWindowsHookEx
SetLayeredWindowAttributes
IntersectRect
SetPropW
SetWindowsHookExW
FlashWindowEx
SetWindowLongW
GetParent
PtInRect
SetForegroundWindow
GetWindowTextW
GetDesktopWindow
GetDC
SetWindowLongPtrW
EndDialog
GetWindowLongPtrW
DialogBoxIndirectParamW
SetFocus
SystemParametersInfoA
GetDlgItem
DrawTextW
SystemParametersInfoW
ReleaseDC
GetDoubleClickTime
MapVirtualKeyW
GetKeyboardState
ToUnicode
RegisterWindowMessageA
GetWindowLongW
GetMessageW
DefWindowProcW
AdjustWindowRectEx
GetFocus
GetMessageExtraInfo
CallWindowProcW
PostMessageW
GetWindowRect
GetMenu
GetPropW
ScreenToClient
CallNextHookEx
GetSystemMetrics
UnregisterClassW
RegisterClassExW
GetAsyncKeyState
DispatchMessageW
SetTimer
DestroyIcon
ClientToScreen
PeekMessageW
GetRawInputData
ValidateRect
TrackMouseEvent
GetClipCursor
IsRectEmpty
GetWindowInfo
GetUpdateRect
TranslateMessage
LoadIconW
ClipCursor
SetCursor
GetClientRect
KillTimer
GetClassInfoExW
InvalidateRect
IsIconic
GetCursorPos
GetClipboardData
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetWindowTextLengthW
GetWindowThreadProcessId
SetCursorPos
ReleaseCapture
SetCapture
LoadCursorW
GetCapture
RegisterRawInputDevices
CreateIconIndirect
CopyImage
SetWindowRgn
EnumDisplaySettingsW
EnumDisplayDevicesW
GetUpdateRgn
GetMonitorInfoW
ChangeDisplaySettingsExW
GetClipboardSequenceNumber
LoadCursorA
EndPaint
BeginPaint
PostThreadMessageW
GetKeyState
RegisterWindowMessageW
ChangeWindowMessageFilter
GetForegroundWindow
EnumDisplaySettingsA
EnumDisplayDevicesA
MessageBoxW
MonitorFromWindow
EnumDisplayMonitors
MapVirtualKeyA
MessageBoxA
GetMonitorInfoA
imm32
ImmAssociateContext
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow
ImmGetCompositionStringW
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
kernel32
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
InitializeSListHead
ResetEvent
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
GetProcessAffinityMask
VirtualAlloc
VirtualProtect
VirtualFree
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwindEx
SetConsoleCtrlHandler
ExitThread
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDriveTypeW
SetEnvironmentVariableW
GetConsoleMode
FreeLibraryAndExitThread
ReadConsoleW
GetConsoleOutputCP
GetCommandLineW
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
HeapReAlloc
GetTimeZoneInformation
SetStdHandle
HeapSize
IsValidCodePage
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
GetStringTypeW
QueueUserWorkItem
IsProcessorFeaturePresent
GetNativeSystemInfo
GetExitCodeThread
SwitchToThread
DuplicateHandle
EncodePointer
RtlPcToFileHeader
MoveFileExW
CopyFileW
CreateDirectoryExW
AreFileApisANSI
SetFileAttributesW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
ReadProcessMemory
GetThreadContext
GetVersionExA
GetFileAttributesA
ResumeThread
GetCurrentDirectoryA
SuspendThread
RtlCaptureContext
CreateFileA
MoveFileExA
PeekNamedPipe
GetSystemDirectoryA
VerifyVersionInfoA
SleepEx
SetLastError
FormatMessageA
OutputDebugStringA
CreateEventA
CreateWaitableTimerA
SetEvent
WaitForMultipleObjects
SetWaitableTimer
CreateSemaphoreA
InitializeCriticalSection
GetCommandLineA
GetTempPathW
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
CreateSemaphoreW
ReleaseSemaphore
GetSystemPowerStatus
GetModuleHandleExW
CreateEventW
CreateThread
WaitForSingleObjectEx
SetThreadPriority
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
TryEnterCriticalSection
MulDiv
LoadLibraryW
LoadLibraryExW
QueryPerformanceCounter
OutputDebugStringW
ExitProcess
GetTickCount
SetFilePointerEx
SetFilePointer
SetErrorMode
WriteFile
GetFileSizeEx
ReadFile
SetEnvironmentVariableA
GetEnvironmentVariableA
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEndOfFile
WriteConsoleW
SetThreadAffinityMask
MultiByteToWideChar
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
SetUnhandledExceptionFilter
IsDebuggerPresent
Process32First
GetConsoleScreenBufferInfo
SetConsoleActiveScreenBuffer
GetCurrentProcess
SetConsoleScreenBufferSize
GetStdHandle
TerminateProcess
GetModuleFileNameW
LockFile
CreateConsoleScreenBuffer
InitializeCriticalSectionEx
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
HeapValidate
GetModuleHandleA
FindFirstChangeNotificationW
OpenProcess
CreateToolhelp32Snapshot
Sleep
GetModuleHandleExA
FormatMessageW
GetLastError
AttachConsole
GetFileAttributesExW
GetCurrentThread
FindCloseChangeNotification
LoadLibraryA
QueryPerformanceFrequency
DeleteFileW
Process32Next
CloseHandle
RaiseException
FindNextChangeNotification
DecodePointer
UnlockFile
GetProcAddress
LocalFree
DeleteCriticalSection
VerSetConditionMask
GetCurrentProcessId
GetProcessHeap
GlobalMemoryStatusEx
SetThreadExecutionState
GetModuleHandleW
FreeLibrary
VerifyVersionInfoW
SetConsoleOutputCP
GetFileType
WriteConsoleInputA
AllocConsole
OpenThread
RtlUnwind
advapi32
CryptGenRandom
GetUserNameA
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptReleaseContext
iphlpapi
GetIpAddrTable
ws2_32
socket
ntohs
connect
WSAAddressToStringW
WSAIoctl
WSAStartup
getaddrinfo
listen
WSASetLastError
getpeername
getsockname
getsockopt
WSACleanup
__WSAFDIsSet
accept
select
closesocket
send
ioctlsocket
gethostname
ntohl
recvfrom
htonl
htons
freeaddrinfo
sendto
setsockopt
WSAGetLastError
bind
recv
crypt32
CertGetNameStringW
CryptVerifyMessageSignature
CertCreateCertificateChainEngine
CertFindExtension
PFXImportCertStore
CertFreeCertificateContext
CryptStringToBinaryA
CertGetNameStringA
CertFreeCertificateChain
CryptQueryObject
CertAddCertificateContextToStore
CertFreeCertificateChainEngine
CertGetCertificateChain
CryptDecodeObjectEx
CertOpenStore
CertFindCertificateInStore
CertCloseStore
CertEnumCertificatesInStore
dsound
ord12
ord11
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
wintrust
WinVerifyTrust
imagehlp
ImageGetCertificateHeader
ImageGetCertificateData
ImageEnumerateCertificates
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_buffinitsize
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_checkunsigned
luaL_checkversion_
luaL_error
luaL_execresult
luaL_fileresult
luaL_getmetafield
luaL_getsubtable
luaL_gsub
luaL_len
luaL_loadbufferx
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlib
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_optunsigned
luaL_prepbuffsize
luaL_pushmodule
luaL_pushresult
luaL_pushresultsize
luaL_ref
luaL_requiref
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_tolstring
luaL_traceback
luaL_unref
luaL_where
lua_absindex
lua_arith
lua_atpanic
lua_callk
lua_checkstack
lua_close
lua_compare
lua_concat
lua_copy
lua_createtable
lua_dump
lua_error
lua_gc
lua_getallocf
lua_getctx
lua_getfield
lua_getglobal
lua_gethook
lua_gethookcount
lua_gethookmask
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_getuservalue
lua_insert
lua_iscfunction
lua_isnumberorstringconvertabletonumber
lua_isstringornumberconvertabletostring
lua_isuserdata
lua_len
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_pcallk
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushunsigned
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawgetp
lua_rawlen
lua_rawset
lua_rawseti
lua_rawsetp
lua_remove
lua_replace
lua_setallocf
lua_setfield
lua_setglobal
lua_sethook
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_setuservalue
lua_status
lua_toboolean
lua_tocfunction
lua_tointegerx
lua_tolstring
lua_tonumberx
lua_topointer
lua_tothread
lua_tounsignedx
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_xmove
Sections
.text Size: 20.6MB - Virtual size: 20.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7.4MB - Virtual size: 7.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 709KB - Virtual size: 918KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 788KB - Virtual size: 787KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gehcont Size: 512B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 418KB - Virtual size: 418KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ