mx[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mx.exe
Size

1.1MB
MD5

aff71afb0afcbfad7ad51ef3052194e4
SHA1

ea6ffc7b7514935dd93d094a164f4cdcff1ac66a
SHA256

b8cef4a202586bbe1b1e820a33ccebdcfd19a6954ed03e534b7c307d227a287c
SHA512

4d21dd751050f1b1de512e96e1f0fce9b555a2e6ad9bd98b9ba89e014d3f3cdd7763fed7823bb0a2abf570d451a72cd3d700b3ad3627b4fda57b7c48a8255714
SSDEEP

24576:SnRx4c5YGWdHLvCnPDo6NPWhyclO6SpTVt+ZjvIzyVRuoXWAXZrEHXcGh1o5Ms51:+kcUJLvCnPDdPWhyclOzpTVt+ZjvIS7P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mx.exe

Files

mx.exe
.exe windows:4 windows x86 arch:x86

b609cdc0eea749d69a1aedddbcee0caf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

BitBlt
ChoosePixelFormat
CreateCompatibleDC
CreateDIBSection
CreatePalette
DeleteDC
DeleteObject
GetClipBox
GetDeviceCaps
GetSystemPaletteEntries
RealizePalette
SelectObject
SelectPalette
SetDIBColorTable
SetPaletteEntries
SetPixelFormat
SwapBuffers
UnrealizeObject

kernel32

AddAtomA
CloseHandle
CreateMutexA
ExitProcess
FindAtomA
FreeLibrary
GetAtomNameA
GetCurrentProcess
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
LoadLibraryA
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseMutex
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
Sleep
WaitForSingleObject

msvcrt

_mkdir
_stat
_strdup
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthread
_cexit
_commit
_errno
_findclose
_findfirst
_findnext
_fullpath
_iob
_isctype
_onexit
_pctype
_setjmp
_setmode
_vsnprintf
abort
acos
atexit
atoi
calloc
ceil
exit
fclose
fflush
fgetc
fgets
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fseek
fwrite
getenv
gmtime
ldexp
log10
longjmp
malloc
memcpy
memmove
memset
perror
pow
printf
puts
rand
realloc
remove
rename
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strlen
strncat
strncmp
strncpy
strrchr
strspn
strstr
strtod
strtol
tan
time
tolower
vfprintf

opengl32

glAlphaFunc
glBegin
glBindTexture
glBlendFunc
glCallList
glClear
glClearColor
glColor3f
glColor3fv
glColor4f
glColor4fv
glColor4ubv
glColorPointer
glCopyTexSubImage2D
glDeleteLists
glDeleteTextures
glDepthFunc
glDepthMask
glDisable
glDisableClientState
glDrawArrays
glDrawElements
glEnable
glEnableClientState
glEnd
glEndList
glFinish
glFogf
glFogfv
glFogi
glFrustum
glGenLists
glGenTextures
glGetError
glGetIntegerv
glGetString
glGetTexLevelParameteriv
glLightModelfv
glLightModeli
glLightfv
glLoadIdentity
glMaterialf
glMaterialfv
glMatrixMode
glMultMatrixf
glNewList
glNormal3fv
glNormalPointer
glOrtho
glPixelStorei
glPopAttrib
glPopMatrix
glPushAttrib
glPushMatrix
glReadPixels
glRotatef
glScalef
glShadeModel
glTexCoord2f
glTexCoord2fv
glTexCoordPointer
glTexEnvi
glTexImage2D
glTexParameterf
glTexParameterfv
glTexSubImage2D
glTranslatef
glVertex2f
glVertex3f
glVertex3fv
glVertexPointer
glViewport
wglCreateContext
wglDeleteContext
wglGetProcAddress
wglMakeCurrent

user32

AdjustWindowRectEx
ChangeDisplaySettingsA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumDisplaySettingsA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetKeyNameTextA
GetMessageA
GetMessageTime
GetWindowLongA
GetWindowRect
IsWindowVisible
LoadCursorA
LoadIconA
LockSetForegroundWindow
MessageBoxA
PeekMessageA
PostMessageA
PostThreadMessageA
RegisterClassA
ReleaseDC
ScreenToClient
SetForegroundWindow
SetWindowLongA
SetWindowPos
ShowWindow
TranslateMessage
UpdateWindow
ValidateRect

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime
waveOutClose
waveOutGetDevCapsA
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
closesocket
gethostbyname
htons
ioctlsocket
recvfrom
sendto
socket

Sections

.text
Size: 985KB - Virtual size: 985KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 26.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b609cdc0eea749d69a1aedddbcee0caf

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

opengl32

user32

winmm

ws2_32

Sections

.text Size: 985KB - Virtual size: 985KB

.data Size: 75KB - Virtual size: 75KB

.rodata Size: 512B - Virtual size: 16B

.rdata Size: 85KB - Virtual size: 84KB

.bss Size: - Virtual size: 26.5MB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 985KB - Virtual size: 985KB

.data
Size: 75KB - Virtual size: 75KB

.rodata
Size: 512B - Virtual size: 16B

.rdata
Size: 85KB - Virtual size: 84KB

.bss
Size: - Virtual size: 26.5MB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 16KB - Virtual size: 15KB