Static task
static1
General
Target: FiveMModMenu_854802.exe
Size: 25.6MB
MD5: ddc225144a61ffdfde1b267cffaf0020
SHA1: 1dc9307fe9f8478b67fa5b091aac4ba79ac17fef
SHA256: 6a6eb65efb2a6c4cc4ce83baed35e9fa1e804cafd5c11509003f17272118e4f8
SHA512: f39e51cc80476155cc250cba3b3107c62801a267f5b1b23befa7ec712d9d6deb34b486a4d9e864d773d9a33ad0394e21c4d875063bbad76607d858860c0f81d5
SSDEEP: 786432:7XtgTpD0FBqY9UTbjD3xMT/JhrRllamotLvqWabDBEl:75BZJhr/laAWanBEl
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: FiveMModMenu_854802.exe
Files
FiveMModMenu_854802.exe.exe windows:6 windows x86 arch:x86
817f112bb450ec56ccba644572f3b02a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
SetEndOfFile
CreateThread
GetEnvironmentVariableA
MoveFileExW
GetFullPathNameW
SetEvent
GetFileSize
SetFilePointer
IsValidCodePage
HeapFree
DeleteFileW
PeekNamedPipe
CreateFileA
GlobalAlloc
ReleaseSRWLockExclusive
CreateDirectoryW
SleepEx
GetTimeFormatW
VerifyVersionInfoW
lstrlenA
CompareStringW
SetPriorityClass
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetEnvironmentStringsW
GetProcessAffinityMask
GetFileAttributesA
SetStdHandle
CreateEventA
WriteConsoleW
WideCharToMultiByte
InitializeCriticalSectionEx
GetDriveTypeW
AcquireSRWLockExclusive
RemoveDirectoryW
GetDateFormatW
SetFilePointerEx
GlobalUnlock
IsValidLocale
SystemTimeToTzSpecificLocalTime
GetOEMCP
GetLogicalDriveStringsA
LoadLibraryW
GetUserDefaultLCID
GetConsoleMode
GetCurrentProcessId
GetModuleHandleA
ReleaseSemaphore
RaiseException
GetCurrentThreadId
CompareFileTime
HeapReAlloc
FindClose
HeapAlloc
GetLogicalDriveStringsW
ExitProcess
QueryPerformanceFrequency
AreFileApisANSI
Sleep
EncodePointer
GetStringTypeW
GetCommandLineA
SetUnhandledExceptionFilter
SetLastError
RtlUnwind
UnhandledExceptionFilter
EnumSystemLocalesW
GetFileType
DeleteCriticalSection
TlsAlloc
FileTimeToSystemTime
TlsSetValue
MoveFileW
InitializeSListHead
SetFileAttributesW
VirtualFree
CreateDirectoryA
WaitForMultipleObjects
GetTimeZoneInformation
LocalFree
GetModuleFileNameA
WaitForSingleObject
ResetEvent
FindFirstFileW
GlobalFree
TerminateProcess
GetConsoleCP
GetLastError
ReadConsoleW
SetEnvironmentVariableA
GetProcessHeap
GetFileInformationByHandle
FlushFileBuffers
FreeLibrary
FindNextFileA
VirtualAlloc
WriteFile
GetTickCount64
LCMapStringW
CreateFileW
ExitThread
GetModuleHandleW
FindFirstFileA
DecodePointer
LeaveCriticalSection
IsProcessorFeaturePresent
GetModuleFileNameW
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetCurrentDirectoryA
FormatMessageA
CreateSemaphoreA
lstrcatA
GetFileSizeEx
FindFirstFileExA
LCMapStringEx
MoveFileA
FreeLibraryAndExitThread
QueryPerformanceCounter
GetFileAttributesW
TlsFree
GlobalLock
GlobalMemoryStatus
GetACP
WaitForSingleObjectEx
MultiByteToWideChar
GetStdHandle
FreeEnvironmentStringsW
GetStartupInfoW
GetSystemInfo
CloseHandle
GetTickCount
GetCPInfo
FindNextFileW
TlsGetValue
HeapSize
EnterCriticalSection
GetVersionExA
RemoveDirectoryA
GetModuleHandleExW
GetProcAddress
ReadFile
IsDebuggerPresent
DeleteFileA
VerSetConditionMask
SetFileAttributesA
FileTimeToLocalFileTime
GetCommandLineW
GetLocaleInfoW
GetCurrentDirectoryW
InitializeCriticalSection
LoadLibraryExW
FormatMessageW
GetFileAttributesExW
SetFileTime
GetVersion
user32
MessageBoxW
GetWindowTextA
CloseClipboard
SetClipboardData
ScreenToClient
LoadIconA
DialogBoxParamW
GetWindowTextLengthA
GetWindowTextW
SystemParametersInfoA
SetTimer
GetFocus
EndDialog
OpenClipboard
SetWindowTextA
CharUpperW
MapDialogRect
SetWindowLongA
LoadStringW
LoadCursorA
CharUpperA
SendMessageA
LoadStringA
GetWindowTextLengthW
KillTimer
GetWindowLongA
PostMessageA
SendMessageW
DialogBoxParamA
GetParent
ShowWindow
IsDlgButtonChecked
MessageBoxA
InvalidateRect
GetWindowRect
MonitorFromWindow
SetFocus
wsprintfA
CheckDlgButton
SetWindowTextW
EnableWindow
GetDlgItem
SetCursor
GetKeyState
MoveWindow
GetMonitorInfoA
EmptyClipboard
advapi32
CloseServiceHandle
CryptImportKey
CryptEncrypt
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
CryptHashData
shell32
SHGetFileInfoA
SHGetSpecialFolderPathW
SHBrowseForFolderA
SHGetPathFromIDListA
ole32
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
OleInitialize
oleaut32
SysAllocString
SysAllocStringLen
SysStringLen
VariantClear
SysFreeString
bcrypt
BCryptGenRandom
crypt32
PFXImportCertStore
CertOpenStore
CertAddCertificateContextToStore
CryptQueryObject
CertFreeCertificateChainEngine
CertFindExtension
CertFreeCertificateChain
CryptDecodeObjectEx
CertGetNameStringW
CertFreeCertificateContext
CertCloseStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCreateCertificateChainEngine
CryptStringToBinaryW
CertGetCertificateChain
wldap32
ord219
ord145
ord216
ord142
ord41
ord14
ord147
ord79
ord27
ord167
ord208
ord73
ord133
ord127
ord301
ord117
ord46
ord26
ws2_32
recvfrom
listen
accept
htonl
WSACreateEvent
WSAIoctl
ioctlsocket
gethostname
sendto
WSAStartup
WSACleanup
WSAWaitForMultipleEvents
getsockopt
freeaddrinfo
send
WSACloseEvent
getaddrinfo
WSAEventSelect
WSAEnumNetworkEvents
ntohs
WSASetLastError
WSAGetLastError
closesocket
setsockopt
WSAResetEvent
htons
socket
select
__WSAFDIsSet
recv
connect
getsockname
getpeername
bind
Sections
.text Size: 6.7MB - Virtual size: 6.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 251KB - Virtual size: 251KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ