forza-painter-[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

forza-painter-.zip
Size

1.3MB
MD5

f0d6b0d7932de6ec299744473891c118
SHA1

1eeccad6919ac12a979dbe1bb57ec290c9c0f37d
SHA256

7f8373ee29f377c277a8cc022703fbd8566530c1235e08fb31640b74d55f65da
SHA512

8ae479df43035714807229b6a002141fe8bc2b537c709350654db876713d149683185173ef2b259610b537647115e52dda052ac7623b4d321b84f385c1858b35
SSDEEP

24576:vjkHcK8YNPgSeEv5xMvct99d72Iw5q/MuN2uyAGygxnpdRdF86lW7ehZK4ClS3On:m8mNeEXJt99p2IJ/k1XyIbB8vqKcen

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/forza-painter-master/forza-painter.exe

Files

forza-painter-.zip
.zip
forza-painter-master/.gitignore
forza-painter-master/LICENSE
forza-painter-master/README.md
forza-painter-master/_dump_vinyl_group_by_running_this.bat
forza-painter-master/_redundancy_check_by_dragging_here.bat
forza-painter-master/_resume_json_by_dragging_here.bat
forza-painter-master/forza-painter.exe
.exe windows:6 windows x64 arch:x64

8f41d52602856ffc82cf9deeccab7f58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\User\source\repos\forsa-painter-geometrize\x64\Release\forza-painter.pdb

Imports

kernel32

Process32NextW
Process32FirstW
CloseHandle
CreateThread
LocalFree
ReadProcessMemory
GetConsoleWindow
AllocConsole
VirtualQueryEx
GetCurrentDirectoryW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetLastError
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
FormatMessageW
CreateToolhelp32Snapshot
OpenProcess
K32EnumProcessModulesEx
K32GetModuleFileNameExW
GetModuleFileNameW
GetCurrentProcess
GetStdHandle
GetCommandLineW
SetConsoleTextAttribute
GetCurrentProcessId
WriteProcessMemory
WaitForSingleObjectEx
ResetEvent
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
SetFileInformationByHandle
AreFileApisANSI
CopyFileW
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
FormatMessageA
InitOnceComplete
InitOnceBeginInitialize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
SetCurrentDirectoryW

user32

ShowWindow
DispatchMessageW
RegisterClassW
MoveWindow
TranslateMessage
SendMessageW
CreateWindowExW
GetWindowRect
GetSystemMetrics
GetDC
BeginPaint
FillRect
EndPaint
PostQuitMessage
GetMessageW
DefWindowProcW

gdi32

SelectObject
CreateCompatibleDC
StretchBlt
SetStretchBltMode
DeleteObject
CreateBitmap
SetBrushOrgEx

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW

shell32

CommandLineToArgvW

msvcp140

?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_init_in_situ
_Cnd_register_at_thread_exit
_Cnd_wait
_Xtime_get_ticks
_Mtx_unlock
_Cnd_broadcast
_Cnd_destroy_in_situ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA_W_W@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?swap@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?swap@?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?swap@?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Xbad_function_call@std@@YAXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
?ignore@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??7ios_base@std@@QEBA_NXZ
??Bios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Random_device@std@@YAIXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?_Winerror_map@std@@YAHH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?_Xbad_alloc@std@@YAXXZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exceptions@std@@YAHXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
_Cnd_init_in_situ
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_unregister_at_thread_exit
??0task_continuation_context@Concurrency@@AEAA@XZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Thrd_hardware_concurrency
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_Throw_C_error@std@@YAXH@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__RTDynamicCast
memmove
memcpy
memchr
memcmp
__std_exception_destroy
__std_exception_copy
_purecall
__std_terminate
__current_exception
__current_exception_context
__C_specific_handler
memset
_CxxThrowException

api-ms-win-crt-stdio-l1-1-0

fputc
__acrt_iob_func
fflush
fclose
fseek
setvbuf
fgetc
ungetc
fwrite
fopen_s
fgetpos
__p__commode
_set_fmode
_get_stream_buffer_pointers
freopen_s
_fseeki64
fread
fsetpos
feof

api-ms-win-crt-runtime-l1-1-0

abort
_errno
terminate
_register_thread_local_exe_atexit_callback
_c_exit
_exit
exit
_initterm_e
_initterm
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn
system

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
malloc
_set_new_mode
free

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-convert-l1-1-0

strtol
strtof

api-ms-win-crt-string-l1-1-0

tolower
strncmp
strcmp

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-math-l1-1-0

cos
cosf
sqrtf
sqrt
fminf
sinf
fmaxf
floor
fmodf
ceilf
roundf
ldexp
powf
__setusermatherr
sin

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
___lc_codepage_func

Sections

.text
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
forza-painter-master/imgs/ayylmao.png
.png
forza-painter-master/imgs/yeahboiiiiiiiis_dad.png
.png
forza-painter-master/settings/_default.ini
forza-painter-master/settings/a. keemstar fast - extremely fast.ini
forza-painter-master/settings/b. fast - get'er'done.ini
forza-painter-master/settings/c. balanced - good quality and speed.ini
forza-painter-master/settings/d. slow - conserve shapes.ini
forza-painter-master/settings/e. super slow - best quality.ini
forza-painter-master/settings/f. time is not important - extreme quality.ini
forza-painter-master/settings/g. i hate my pc - yeahboiiiiis dad quality.ini

Sharing

General

Malware Config

Signatures

Files

8f41d52602856ffc82cf9deeccab7f58

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 293KB - Virtual size: 293KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 23KB - Virtual size: 24KB

.pdata Size: 13KB - Virtual size: 13KB

.rsrc Size: 65KB - Virtual size: 65KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 293KB - Virtual size: 293KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 23KB - Virtual size: 24KB

.pdata
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 65KB - Virtual size: 65KB

.reloc
Size: 2KB - Virtual size: 1KB