ModrinthMalwareScanner (1)[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ModrinthMalwareScanner (1).exe
Size

5.6MB
MD5

5bc1df4069f962e9d1c390120c846452
SHA1

021c5064a905ee8cc84885d19aeef4dbba5e7e20
SHA256

a62cb27be3cb54a9b112b1d1050744038db42f4f3426d000b119b307bf2bf93c
SHA512

a07301135f019c8e09d189e58ff2c4c5feb145528e5a9e9af68fc1ea3b0c2af1f0ed1e233ea25bf035b9c28ed4f1b70e3f809563c7bcf84cd0e9f0db9b3776ee
SSDEEP

49152:PGmS+T5Orr1RS5RiGd8P59SNS4jjJUoZf5116lcDrP+Z0AJP2VGjn0pjHS3DQkQY:P8HSIyFUEGlcDLDAdYGjn0pj/5BhbNQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ModrinthMalwareScanner (1).exe

Files

ModrinthMalwareScanner (1).exe
.exe windows:6 windows x64 arch:x64

Password: i7y65rtwegsdk

b16f1b4607f6027eed50830215ce62f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

oracle.pdb

Imports

bcryptprimitives

ProcessPrng

api-ms-win-core-synch-l1-2-0

WakeByAddressSingle
WakeByAddressAll
WaitOnAddress

opengl32

wglGetCurrentContext
wglShareLists
wglCreateContext
wglGetCurrentDC
wglDeleteContext
wglGetProcAddress
wglMakeCurrent

kernel32

WideCharToMultiByte
GlobalFree
GlobalAlloc
GetCurrentThread
GlobalUnlock
GlobalSize
GlobalLock
SetThreadErrorMode
FormatMessageW
GetModuleFileNameW
LoadLibraryW
GetLastError
LoadLibraryExW
GetProcAddress
lstrlenW
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
MultiByteToWideChar
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateMutexA
WaitForSingleObjectEx
GetFullPathNameW
CreateThread
WriteConsoleW
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
GetFileAttributesW
CreateProcessW
GetWindowsDirectoryW
GetSystemDirectoryW
LoadLibraryA
ReadFileEx
CreateNamedPipeW
ExitProcess
GetModuleHandleW
GetFileType
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
SetConsoleMode
GetConsoleMode
CloseHandle
FreeLibrary
GetFileInformationByHandle
Sleep
GetModuleHandleA
FreeEnvironmentStringsW
DeleteProcThreadAttributeList
CompareStringOrdinal
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
WaitForSingleObject
QueryPerformanceCounter
GetSystemInfo
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
DeleteFileW
SetFileInformationByHandle
GetCurrentProcess
DuplicateHandle
SetFilePointerEx
FindFirstFileW
CreateDirectoryW
GetFileInformationByHandleEx
CreateFileW
FindClose
FindNextFileW
HeapAlloc
GetProcessHeap
ReleaseMutex
HeapReAlloc
HeapFree
GetSystemTimePreciseAsFileTime
QueryPerformanceFrequency
GetStdHandle
GetCurrentProcessId
WriteFileEx
SleepEx
GetExitCodeProcess
IsProcessorFeaturePresent

user32

GetAsyncKeyState
SetWindowPlacement
SystemParametersInfoA
ToUnicodeEx
GetKeyState
MapVirtualKeyExW
GetKeyboardLayout
AdjustWindowRectEx
PeekMessageW
PostMessageW
GetWindowLongW
SetWindowPos
InvalidateRgn
RegisterClassExW
SetWindowLongW
ShowWindow
RedrawWindow
IsProcessDPIAware
IsIconic
GetKeyboardState
GetClipCursor
ShowCursor
GetWindowRect
DestroyIcon
CreateIcon
SetForegroundWindow
SendInput
GetWindowTextW
GetWindowTextLengthW
CreateWindowExW
GetSystemMetrics
RegisterTouchWindow
DestroyWindow
DefWindowProcW
EnableMenuItem
ReleaseDC
SetWindowLongPtrW
TranslateMessage
GetWindowPlacement
GetSystemMenu
SetWindowTextW
ClipCursor
MapVirtualKeyW
SetWindowDisplayAffinity
GetRawInputData
GetClientRect
CreateIconFromResourceEx
RegisterRawInputDevices
MonitorFromPoint
EnumDisplayMonitors
ReleaseCapture
SetCapture
RegisterWindowMessageA
KillTimer
SetTimer
GetMessageW
RegisterClipboardFormatW
DispatchMessageW
SetClipboardData
CloseClipboard
EmptyClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
ChangeDisplaySettingsExW
FlashWindowEx
SetCursorPos
ClientToScreen
GetForegroundWindow
GetClassInfoExW
GetClassNameW
GetDC
GetMonitorInfoW
MonitorFromWindow
GetCursorPos
TrackMouseEvent
CloseTouchInputHandle
ScreenToClient
GetTouchInputInfo
MonitorFromRect
SetCursor
LoadCursorW
GetMenu
GetWindowLongPtrW
ValidateRect
SendMessageW
GetActiveWindow

ole32

OleInitialize
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
RegisterDragDrop
RevokeDragDrop

shell32

DragQueryFileW
SHCreateItemFromParsingName
SHGetKnownFolderPath
DragFinish

gdi32

DeleteObject
SetPixelFormat
CreateRectRgn
ChoosePixelFormat
DescribePixelFormat
SwapBuffers
GetDeviceCaps

dwmapi

DwmEnableBlurBehindWindow

shlwapi

AssocQueryStringW

advapi32

RevertToSelf
ImpersonateAnonymousToken

uxtheme

SetWindowTheme

imm32

ImmAssociateContextEx
ImmGetContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmReleaseContext

ntdll

NtWriteFile
NtReadFile
RtlNtStatusToDosError

vcruntime140

__current_exception
__CxxFrameHandler3
memset
memmove
__current_exception_context
memcpy
memcmp
_CxxThrowException
__C_specific_handler

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-math-l1-1-0

powf
_hypotf
sin
atan2f
floorf
expf
trunc
truncf
floor
cosf
exp2f
acosf
cbrtf
roundf
round
cos
__setusermatherr
sinf
ceilf
ceil

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__p___argc
_set_app_type
_seh_filter_exe
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
strerror
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
exit
_exit

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: i7y65rtwegsdk

b16f1b4607f6027eed50830215ce62f0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bcryptprimitives

api-ms-win-core-synch-l1-2-0

opengl32

kernel32

user32

ole32

shell32

gdi32

dwmapi

shlwapi

advapi32

uxtheme

imm32

ntdll

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 2.4MB - Virtual size: 2.4MB

.data Size: 3KB - Virtual size: 3KB

.pdata Size: 117KB - Virtual size: 116KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 3KB - Virtual size: 3KB

.pdata
Size: 117KB - Virtual size: 116KB

.reloc
Size: 15KB - Virtual size: 15KB