Keygen[.]and[.]Patch[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Keygen.and.Patch.exe
Size

1005KB
MD5

a1824d24c6660b31b02c5fe86a017f71
SHA1

c96cd9675b2bf405930fecdae9cb432d1a41547b
SHA256

7f06ec34f0dee3bff00dfdb0d60cd352cfac230ce8b036b40b04797f59df7ff1
SHA512

fdb9df282b12329e7bd5971aae8caf0549efbb08933114aba283b8de51c63f3c5df8bb9d3cc637e1059f4ced1c3b88196e6773410335adf94422dd1b903c8e68
SSDEEP

12288:te/ln/osq5Yak6rEW/ml0ufto8d5uKKwSObrZsQUtcpND+5k9uEXzic9d3s:teB/osq5YakYv8iyrZ9Kk9u02c91s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Keygen.and.Patch.exe

Files

Keygen.and.Patch.exe
.exe windows:6 windows x86 arch:x86

a94425fb9695d98721016adaed28014e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtQuerySection
RtlUnwind

kernel32

VirtualAlloc
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
GetLastError
RaiseFailFastException
GetCurrentThread
LoadLibraryW
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
SetThreadPriority
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
CloseHandle
CreateThread
ExitProcess
CopyFileW
CreateFileMappingW
MapViewOfFile
GetTickCount
ReadFile
HeapFree
ReleaseSemaphore
WriteFile
WaitForSingleObject
CreateEventW
Sleep
GetCurrentProcess
CreateFileA
SetEvent
LoadLibraryA
QueryPerformanceFrequency
HeapReAlloc
ResetEvent
HeapAlloc
SetFilePointerEx
GetProcessHeap
FreeLibrary
CreateSemaphoreW
WideCharToMultiByte
QueryPerformanceCounter
GetStringTypeW
SetStdHandle
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
MultiByteToWideChar
GetCommandLineW
VirtualFree
EnterCriticalSection
SetLastError
SetEndOfFile
VirtualProtect
WriteConsoleW
FlushFileBuffers
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
ReadConsoleW
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetFileType
GetStdHandle
GetModuleHandleExW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
HeapSize
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
EncodePointer

user32

TranslateMessage
RegisterClassW
DestroyIcon
DispatchMessageW
ShowWindow
SetWindowTextW
GetSystemMetrics
SendMessageW
CreateWindowExW
EnumChildWindows
MessageBoxW
CreateIconFromResourceEx
DefWindowProcW
GetMessageW
AnimateWindow

gdi32

SetTextColor
SetBkColor
CreateSolidBrush
GetStockObject

comdlg32

GetOpenFileNameW

gdiplus

GdipDrawImage
GdipDrawImagePointRectI
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipCreateBitmapFromHICON
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipCloneBrush
GdipFillEllipseI
GdipFree
GdipCreateFromHWND
GdipCreateSolidFill
GdipDisposeImage
GdipDrawImageRectI
GdipAlloc
GdipDeleteBrush
GdipCloneImage
GdipGetImageHeight
GdipGetImageWidth
GdiplusStartup
GdipDrawImageI

Sections

.text
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a94425fb9695d98721016adaed28014e

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

user32

gdi32

comdlg32

gdiplus

Sections

.text Size: 382KB - Virtual size: 382KB

.rdata Size: 598KB - Virtual size: 598KB

.data Size: 6KB - Virtual size: 136KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 382KB - Virtual size: 382KB

.rdata
Size: 598KB - Virtual size: 598KB

.data
Size: 6KB - Virtual size: 136KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 16KB - Virtual size: 16KB