premake5[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

premake5.exe
Size

1.3MB
MD5

b592932dab91d0dc51e0e3e006900a7b
SHA1

5b245bc95eed20c9fa07af3e477e68bae62390d0
SHA256

6810a9d0c39d6d8361158da6bce9cb146267ba3405cb9eaea98dd0df36e991e0
SHA512

8f75626f982f7fb7d310065b1b008e47ceb5e6211277370b810fcdd86b3f7b1ddacbdd3df72bae9bc99f9f0775fe7046ad68a86c95ee88e46a55a4fbffc30923
SSDEEP

24576:xfkXA29rDpc1xeu5VHhgaN/tWo5Cn9tHT3Tu/B/:lkXn9hcXeoHhgM89tHT3TQB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
premake5.exe

Files

premake5.exe
.exe windows:6 windows x86 arch:x86

e79f783b08c933e258d6925db67c78e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\Projects\premake\premake-core\bin\release\premake5.pdb

Imports

ole32

CoCreateGuid

advapi32

CryptCreateHash
CryptDestroyHash
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
CryptGetHashParam
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
CryptHashData

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

GetLastError
CopyFileW
WideCharToMultiByte
GetCurrentDirectoryW
GetStdHandle
WriteConsoleA
SetConsoleMode
ReadConsoleA
GetConsoleMode
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetFileAttributesW
FindFirstFileW
FindNextFileW
FindClose
DeleteFileW
LocalFree
MoveFileExW
RemoveDirectoryW
SetFileTime
SystemTimeToFileTime
GetSystemTime
GetModuleFileNameW
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetCurrentDirectoryW
MultiByteToWideChar
FormatMessageW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
CreatePipe
GetExitCodeProcess
WaitForSingleObject
GetTimeZoneInformation
GetCPInfo
CreateDirectoryW
SetStdHandle
SetFileAttributesW
GetFileAttributesExW
HeapReAlloc
SetFilePointerEx
GetFileSizeEx
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStringTypeW
SetEndOfFile
HeapSize
GetProcessHeap
WriteConsoleW
CreateFileW
LoadLibraryW
GetModuleFileNameA
LoadLibraryExA
FreeLibrary
FormatMessageA
MoveFileExA
SetLastError
SleepEx
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetTickCount64
GetSystemDirectoryW
DecodePointer
VerSetConditionMask
VerifyVersionInfoW
ExpandEnvironmentStringsA
WaitForSingleObjectEx
CloseHandle
GetModuleHandleA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
EncodePointer
RaiseException
SetConsoleCtrlHandler
ReadFile
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
QueryPerformanceFrequency
ExitProcess
GetModuleHandleExW
GetTempPathW
DuplicateHandle
CreateProcessW
CreateThread
ExitThread
FreeLibraryAndExitThread
WriteFile
GetCommandLineA
GetCommandLineW
ReadConsoleW
GetConsoleCP
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW

crypt32

CertFreeCertificateContext

ws2_32

select
bind
WSAIoctl
closesocket
WSASetLastError
getpeername
getsockname
socket
ioctlsocket
connect
freeaddrinfo
htons
setsockopt
send
recv
WSAGetLastError
WSACleanup
WSAStartup
getaddrinfo
__WSAFDIsSet
ntohs
getsockopt

Sections

.text
Size: 597KB - Virtual size: 596KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e79f783b08c933e258d6925db67c78e0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ole32

advapi32

version

kernel32

crypt32

ws2_32

Sections

.text Size: 597KB - Virtual size: 596KB

.rdata Size: 741KB - Virtual size: 740KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 597KB - Virtual size: 596KB

.rdata
Size: 741KB - Virtual size: 740KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 21KB - Virtual size: 21KB