KeygenAndPatch[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

KeygenAndPatch.exe
Size

1.0MB
MD5

42b460d1c4a2d5104305dbad676024b7
SHA1

35817116617c08054937b915d640b87f28514d86
SHA256

b8698e3d25dacf1d5e7d1dfe6deae98bf22a0cac76404a7ef4d009499414661f
SHA512

a0696d7202a958b16a5a33dd0b5d6ea0f2e27f51d92bb9dcd8b0b386ef666ad87e18d4a613040db00374b7fcd452671763b9dd747b77e82c0c2c8273389dc8a2
SSDEEP

24576:7MO/ZPZYDt7G1Gbv0IZJ0wvSvrZv2fhSMXlohp43CKuk:7wDt7G11Iz0PeB3Ruk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KeygenAndPatch.exe

Files

KeygenAndPatch.exe
.exe windows:6 windows x86 arch:x86

366a636d2846cc0de06fbd00232ab687

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtQuerySection
RtlUnwind

kernel32

GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
GetLastError
RaiseFailFastException
GetCurrentThread
LoadLibraryW
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
WriteFile
SetThreadPriority
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
CloseHandle
CreateThread
ExitProcess
CopyFileW
CreateFileMappingW
MapViewOfFile
GetTickCount
ReadFile
HeapFree
ReleaseSemaphore
WaitForSingleObject
CreateEventW
Sleep
VirtualAlloc
SetEvent
LoadLibraryA
QueryPerformanceFrequency
HeapReAlloc
ResetEvent
HeapAlloc
SetFilePointerEx
GetProcessHeap
FreeLibrary
CreateSemaphoreW
WideCharToMultiByte
QueryPerformanceCounter
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
GetCurrentProcess
VirtualFree
EnterCriticalSection
VirtualProtect
SetLastError
SetEndOfFile
CreateFileA
WriteConsoleW
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
ReadConsoleW
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetFileType
GetStdHandle
GetModuleHandleExW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RaiseException
GetCPInfo
HeapSize
FlushFileBuffers
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
InitializeCriticalSectionEx
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW

user32

TranslateMessage
RegisterClassW
GetWindowTextA
DestroyIcon
DispatchMessageW
ShowWindow
SetWindowTextW
GetSystemMetrics
SendMessageW
CreateWindowExW
EnumChildWindows
MessageBoxW
CreateIconFromResourceEx
DefWindowProcW
GetMessageW
AnimateWindow

gdi32

SetTextColor
SetBkColor
CreateSolidBrush
GetStockObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

gdiplus

GdipCreateBitmapFromHICON
GdipDrawImageI
GdipDrawImagePointRectI
GdipDeleteGraphics
GdipDrawImage
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipCloneBrush
GdipFillEllipseI
GdipFree
GdipCreateFromHWND
GdipCreateSolidFill
GdipDisposeImage
GdipDrawImageRectI
GdipAlloc
GdipDeleteBrush
GdipCloneImage
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdiplusStartup
GdipGetImageWidth

Sections

.text
Size: 446KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 605KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

366a636d2846cc0de06fbd00232ab687

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

user32

gdi32

comdlg32

gdiplus

Sections

.text Size: 446KB - Virtual size: 445KB

.rdata Size: 605KB - Virtual size: 605KB

.data Size: 6KB - Virtual size: 138KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 446KB - Virtual size: 445KB

.rdata
Size: 605KB - Virtual size: 605KB

.data
Size: 6KB - Virtual size: 138KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 14KB - Virtual size: 14KB