mupen64[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mupen64.exe
Size

1.6MB
MD5

05d902a637d6d978f267e927333f8ef7
SHA1

3a43bdce8a065aafe341d6348b93d936ebe1eac9
SHA256

48ed40b2e2910795607baca828175f5698e35e7a966c82056789a48e48358e91
SHA512

53bbd82fa3e7c650b2a1e7844c13b1f611ee1ff9b29c3a75bd9cc5b7cc55c3187b52833485880128c6de495f84f8e3c7d7cb7aa5be44e59bb24f00a387bf7f03
SSDEEP

24576:1WqpTPyou34j+uob4U94MWyg+xVI0Gww6EOIZQPsh0lhSMXlPZOm/M:9pTP035cU9LG+xVIbp6E5ZQPRE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mupen64.exe

Files

mupen64.exe
.exe windows:6 windows x86 arch:x86

4f7fd3333bfe477276314c6dbd37497c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\a\mupen64-rr-lua-\mupen64-rr-lua-\winproject\mupen64\bin\mupen64.pdb

Imports

avifil32

AVIStreamWrite
AVIFileExit
AVIFileInit
AVIFileCreateStreamA
AVIFileOpenA
AVIStreamSetFormat
AVIMakeCompressedStream
AVISaveOptions
AVIFileRelease
AVIStreamRelease

winmm

PlaySoundA
timeEndPeriod
timeBeginPeriod

comctl32

PropertySheetA
ord344
ImageList_Create
ImageList_ReplaceIcon

uxtheme

SetWindowTheme

msimg32

TransparentBlt
AlphaBlend

gdiplus

GdipDeleteGraphics
GdipFillRectangleI
GdipFillEllipseI
GdipCreateFromHDC
GdipTranslateMatrix
GdipGetImageWidth
GdipDrawImageI
GdipCreateSolidFill
GdipFillPolygon
GdipSetWorldTransform
GdipRotateMatrix
GdipCreateMatrix
GdipCreateBitmapFromHBITMAP
GdipDeleteMatrix
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipDeleteBrush
GdipDrawImageRectRectI
GdipResetWorldTransform
GdipCloneImage
GdipDrawImageRectI
GdipAlloc
GdipFree
GdipDisposeImage
GdiplusStartup

d2d1

ord1

dwrite

DWriteCreateFactory

dbghelp

ImageDirectoryEntryToDataEx

dcomp

DCompositionCreateDevice

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory2

kernel32

SetEndOfFile
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
CreatePipe
GetExitCodeProcess
SetStdHandle
DeleteFileW
FlushFileBuffers
GetFileSizeEx
Sleep
GetModuleHandleA
SleepEx
GetCurrentProcess
K32GetModuleBaseNameA
K32EnumProcessModules
GetSystemTime
GetModuleFileNameA
GetCurrentThreadId
SetCurrentDirectoryA
CreateDirectoryA
AllocConsole
SetUnhandledExceptionFilter
LoadLibraryA
GetProcAddress
FreeLibrary
WaitForSingleObject
TerminateThread
CreateThread
VirtualProtectEx
lstrlenA
lstrcpynA
lstrcmpiA
MulDiv
FindFirstFileA
FindNextFileA
FindClose
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetLastError
LoadLibraryExA
FormatMessageA
GetDriveTypeW
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
RaiseException
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionEx
TryAcquireSRWLockExclusive
GetExitCodeThread
WaitForSingleObjectEx
QueryPerformanceFrequency
WideCharToMultiByte
MultiByteToWideChar
GetFileInformationByHandleEx
MoveFileExW
CloseHandle
AreFileApisANSI
GetTempPathW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
CreateFileW
GetCurrentDirectoryW
GetLocaleInfoEx
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetConsoleMode
SetFilePointerEx
HeapFree
HeapReAlloc
HeapAlloc
WriteFile
GetStdHandle
GetModuleFileNameW
ExitProcess
LocalFree
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
WriteConsoleW
TerminateProcess
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
CreateProcessW
DuplicateHandle
FileTimeToSystemTime
GetFileType

user32

PostMessageA
ReleaseDC
ClientToScreen
GetDC
CheckDlgButton
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
GetDpiForWindow
FillRect
ScreenToClient
GetActiveWindow
GetKeyNameTextA
DrawTextA
GetForegroundWindow
SetLayeredWindowAttributes
DrawTextExA
CreateDialogParamA
GetWindowTextLengthA
InvalidateRect
GetCursorPos
GetMenuState
GetKeyState
GetMessageA
EnumDisplayDevicesA
DispatchMessageA
GetMenu
SetWindowPos
MessageBoxW
DeleteMenu
GetSubMenu
EnumDisplaySettingsA
TranslateMessage
CheckMenuItem
PostQuitMessage
EnableMenuItem
GetDlgItem
InsertMenuItemA
RegisterClassExA
UpdateWindow
ShowCursor
ModifyMenuA
GetMenuStringA
IsWindow
BringWindowToTop
LoadIconA
GetWindowRect
MapWindowPoints
SetFocus
LoadCursorA
ShowWindow
RedrawWindow
SetWindowLongA
GetWindowLongA
MoveWindow
RegisterClassA
DefWindowProcA
GetClientRect
BeginPaint
EndPaint
SetTimer
KillTimer
LoadImageA
DestroyWindow
GetAsyncKeyState
GetDlgItemTextA
MessageBoxA
CreateWindowExA
SendDlgItemMessageA
GetDlgItemInt
SetDlgItemInt
EnableWindow
EndDialog
DialogBoxParamA
GetWindowTextA
SetWindowTextA
IsDlgButtonChecked
SetDlgItemTextA
SendMessageA

gdi32

GetDeviceCaps
GetTextExtentPoint32A
SetTextColor
TextOutA
SetBkMode
ExtTextOutA
CreatePen
SelectClipRgn
Polygon
CreateFontIndirectA
MoveToEx
SetBkColor
Ellipse
CreateSolidBrush
RoundRect
GetStockObject
CreateDIBSection
StretchDIBits
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GdiFlush
GetDIBits
DeleteDC
SetDIBits
DeleteObject
CreateRectRgn
LineTo

shell32

ord155
ShellExecuteA
SHParseDisplayName
SHGetSpecialFolderPathW
SHCreateShellItem
SHCreateItemFromParsingName
DragQueryFileA

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f7fd3333bfe477276314c6dbd37497c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

avifil32

winmm

comctl32

uxtheme

msimg32

gdiplus

d2d1

dwrite

dbghelp

dcomp

d3d11

dxgi

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 351KB - Virtual size: 350KB

.data Size: 24KB - Virtual size: 37.2MB

.rsrc Size: 156KB - Virtual size: 156KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 351KB - Virtual size: 350KB

.data
Size: 24KB - Virtual size: 37.2MB

.rsrc
Size: 156KB - Virtual size: 156KB