Eternity FiveM[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Eternity FiveM.exe
Size

5.7MB
MD5

55b444d8fca3e1eb06f3e3477e570f33
SHA1

0ca96f4b6d8ee3b655115d232166c03c5b9cd0cc
SHA256

c4b893b1bb6a6ff7124e47b128e987818579e5091e37418c86176e77dd6c3a69
SHA512

b8d4f3860c2566539c06a0467e8efc7971b85b667f2e2f68bb6549b34221c474890484f30693822872b673568d7d1140429864e8e9f5e680caf1eba747b744d5
SSDEEP

98304:/FkgmlBJFbNRwFLfsYBMqCy8MPZv+9FY2+G3vF4fQS3UQIEv33gib9gtb9B5:/FkgwBJFbNRwFLfsYBTIyl+/VfqI3wfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Eternity FiveM.exe

Files

Eternity FiveM.exe
.exe windows:6 windows x64 arch:x64

Password: nicks

35bcd6a15486e8c66b1bd8a4f10e7aee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

glViewport

kernel32

WideCharToMultiByte
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

UnregisterDeviceNotification
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

gdi32

CreateBitmap

advapi32

RegCreateKeyExA

shell32

DragAcceptFiles

ole32

StringFromGUID2

msvcp140

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

d3dx9_43

D3DXMatrixTranspose

normaliz

IdnToAscii

wldap32

ord217

crypt32

CertEnumCertificatesInStore

ntdll

NtUnloadDriver

dbghelp

SymFromName

urlmon

URLDownloadToFileA

wtsapi32

WTSEnumerateProcessesA
WTSSendMessageW

imm32

ImmSetCandidateWindow

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception

api-ms-win-crt-heap-l1-1-0

_callnewh

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-stdio-l1-1-0

fseek

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-utility-l1-1-0

abs

api-ms-win-crt-filesystem-l1-1-0

_fstat64

api-ms-win-crt-time-l1-1-0

_gmtime64

api-ms-win-crt-math-l1-1-0

atan2f

api-ms-win-crt-string-l1-1-0

tolower

ws2_32

closesocket

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

._r_o_o_
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

._r_o_o_
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: nicks

35bcd6a15486e8c66b1bd8a4f10e7aee

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcp140

d3dx9_43

normaliz

wldap32

crypt32

ntdll

dbghelp

urlmon

wtsapi32

imm32

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

ws2_32

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 293KB

.data Size: - Virtual size: 270KB

.pdata Size: - Virtual size: 45KB

._r_o_o_ Size: - Virtual size: 3.5MB

._r_o_o_ Size: 5.7MB - Virtual size: 5.7MB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 293KB

.data
Size: - Virtual size: 270KB

.pdata
Size: - Virtual size: 45KB

._r_o_o_
Size: - Virtual size: 3.5MB

._r_o_o_
Size: 5.7MB - Virtual size: 5.7MB

.rsrc
Size: 512B - Virtual size: 480B