KinitoPET[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

KinitoPET.exe
Size

34.1MB
MD5

f294bf869a738bfd3d6a7a126448d085
SHA1

09d1ad5e8fe20efd1e1065dd7e5d7bbdc4147f90
SHA256

b83ccd96153465d6ec45b76586ca5effcff8c1e85a2b64881437e9060d39754a
SHA512

284b8cec5097a4160737ec3f2f63774c60a8bb66c05f27b47ee10bc5184ff917a96403fb00a5d59d61340a56457f2653c46fe614a4c908b90e89d79da2295690
SSDEEP

786432:cThPAXf3igAkooZdFBX5oYviSEK95FBHU0KWOpEurOJARKcnVmEtQGqYXYaod7rB:cTx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KinitoPET.exe

Files

KinitoPET.exe
.exe windows:6 windows x64 arch:x64

979307b97050d331594ad2fe53cf28cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

winmm

timeGetTime
timeEndPeriod
midiInOpen
midiInStart
timeBeginPeriod
midiInClose
midiInGetErrorTextA
midiInGetNumDevs
midiInGetID
midiInStop
midiInGetDevCapsA

opengl32

wglMakeCurrent
wglCreateContext
wglDeleteContext
wglGetProcAddress

kernel32

QueryPerformanceFrequency
CloseHandle
GetNativeSystemInfo
GetSystemInfo
LoadLibraryW
GetLocalTime
GetProcAddress
GlobalLock
GetCurrentProcessId
SystemTimeToFileTime
CreateProcessW
FreeLibrary
GetConsoleWindow
GetSystemTime
QueryPerformanceCounter
GlobalUnlock
LoadLibraryExW
GetExitCodeProcess
LoadLibraryA
GetSystemPowerStatus
SetConsoleTextAttribute
MultiByteToWideChar
GetOEMCP
GetACP
IsValidCodePage
GetFullPathNameW
GetConsoleCP
FlushFileBuffers
GetFileSizeEx
ReadConsoleW
GetConsoleMode
SetFilePointerEx
HeapReAlloc
CreatePipe
GetFileAttributesExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCommandLineA
WriteFile
RemoveDirectoryW
MoveFileExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
FreeEnvironmentStringsW
GetDriveTypeW
CreateFileW
GetCurrentThread
ExitThread
ReadFile
GetModuleHandleExW
GetFileType
SetStdHandle
RtlUnwind
RaiseException
RtlPcToFileHeader
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPopEntrySList
DuplicateHandle
VirtualProtect
GetVersionExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
GetTimeZoneInformation
Sleep
LCIDToLocaleName
GetModuleHandleA
WaitForSingleObject
GetEnvironmentVariableW
SetThreadPriority
GetUserDefaultUILanguage
GetLocaleInfoEx
SetEnvironmentVariableW
GetModuleFileNameW
TerminateProcess
OutputDebugStringA
GetStdHandle
GetCurrentProcess
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ResetEvent
GetCPInfo
GetStringTypeW
GetLocaleInfoW
HeapSize
SetEndOfFile
WriteConsoleW
SetPriorityClass
SetLastError
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
WideCharToMultiByte
LocalFree
GlobalAlloc
GetCommandLineW
GetEnvironmentStringsW
GetFileInformationByHandle
InterlockedPushEntrySList
LCMapStringW
CompareStringW
DecodePointer
EncodePointer
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FindNextFileW
FindClose
CreateSemaphoreA
CreateEventA
VirtualFree
VirtualAlloc
CreateMutexA
ReleaseMutex
HeapFree
GetTickCount64
HeapAlloc
GetProcessHeap
ReleaseSemaphore
SetEvent
TryEnterCriticalSection
GetTickCount
ReplaceFileW
CreateDirectoryW
GetVolumeInformationW
GetLogicalDrives
FindFirstFileExW
GetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTempFileNameW
GetDiskFreeSpaceExA
ExitProcess
GetCurrentThreadId
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread

ole32

CoInitialize
PropVariantClear
CoCreateInstance
CoTaskMemFree

user32

GetCursorPos
GetDC
ReleaseDC
SetCursorPos
IsIconic
GetRawInputDeviceInfoA
GetRawInputDeviceList
DefWindowProcW
AdjustWindowRectEx
GetKeyState
GetMessageExtraInfo
AllowSetForegroundWindow
CallWindowProcW
CloseTouchInputHandle
GetTouchInputInfo
GetWindowRect
LoadCursorA
IsWindowVisible
SetWindowPos
MessageBoxW
MonitorFromWindow
SetWindowRgn
EnumDisplayMonitors
CreateWindowExW
GetKeyboardLayoutNameA
ScreenToClient
GetSystemMetrics
SetWindowTextW
RegisterClassExW
ShowWindow
OpenClipboard
DispatchMessageW
SetTimer
DestroyIcon
RegisterTouchWindow
CreateIconIndirect
ClientToScreen
CloseClipboard
EmptyClipboard
PeekMessageW
GetKeyboardLayoutList
GetRawInputData
TrackMouseEvent
GetKeyboardLayout
CreateIconFromResource
MessageBoxA
MoveWindow
SetFocus
RegisterRawInputDevices
TranslateMessage
GetClipboardData
ClipCursor
SendMessageA
SetCapture
SetClipboardData
SetCursor
LoadIconA
FlashWindowEx
GetClientRect
IsClipboardFormatAvailable
GetWindowLongPtrA
ActivateKeyboardLayout
KillTimer
SetWindowLongPtrA
ReleaseCapture
SetForegroundWindow

gdi32

GetObjectA
CreateBitmap
ChoosePixelFormat
SwapBuffers
CreateCompatibleDC
DeleteObject
SetBkColor
SetTextColor
BitBlt
CreateCompatibleBitmap
SelectObject
SetPixelFormat
CreatePolygonRgn
GetDeviceCaps
CreateRectRgn
DeleteDC

shell32

DragQueryFileW
ShellExecuteW
DragAcceptFiles
CommandLineToArgvW
SHFileOperationW
SHGetKnownFolderPath

advapi32

RegOpenKeyExW
GetCurrentHwProfileA
RegCloseKey
RegQueryValueExW

dinput8

DirectInput8Create

imm32

ImmGetContext
ImmAssociateContext
ImmSetCompositionWindow
ImmReleaseContext

avrt

AvSetMmThreadPriority
AvSetMmThreadCharacteristicsA

dwmapi

DwmFlush
DwmIsCompositionEnabled
DwmEnableBlurBehindWindow

iphlpapi

GetBestInterfaceEx
GetAdaptersAddresses

shlwapi

PathFileExistsW

wsock32

__WSAFDIsSet
accept
htons
ntohs
closesocket
send
getsockname
htonl
ntohl
WSAGetLastError
setsockopt
connect
socket
sendto
ioctlsocket
bind
recv
select
inet_ntoa
recvfrom
WSAStartup
listen
WSACleanup

ws2_32

freeaddrinfo
getnameinfo
getaddrinfo
WSAConnect
inet_pton

bcrypt

BCryptGenRandom

steam_api64

SteamGameServer_GetHSteamUser
SteamAPI_RegisterCallback
SteamAPI_RegisterCallResult
SteamInternal_GameServer_Init
SteamAPI_IsSteamRunning
SteamAPI_Init
SteamAPI_GetHSteamUser
SteamInternal_FindOrCreateGameServerInterface
SteamAPI_Shutdown
SteamInternal_ContextInit
SteamGameServer_Shutdown
SteamAPI_UnregisterCallback
SteamAPI_RestartAppIfNecessary
SteamAPI_UnregisterCallResult
SteamInternal_FindOrCreateUserInterface
SteamAPI_RunCallbacks
SteamAPI_ReleaseCurrentThreadMemory

mono-2.0-sgen

mono_add_internal_call
mono_unhandled_exception
mono_get_exception_argument
mono_get_exception_index_out_of_range
mono_trace_set_log_handler
mono_trace_set_level_string
mono_array_length
mono_string_length
mono_value_box
mono_string_chars
mono_reflection_type_get_type
mono_print_unhandled_exception
mono_runtime_invoke
mono_runtime_set_pending_exception
mono_runtime_invoke_array
mono_get_root_domain
mono_object_get_class
mono_domain_get
mono_gchandle_get_target
mono_object_new
mono_assembly_getrootdir
mono_runtime_is_shutting_down
mono_type_get_type
mono_debug_init
mono_install_unhandled_exception_hook
mono_assembly_name_new
mono_domain_get_by_id
mono_class_get_image
mono_jit_cleanup
mono_domain_try_unload
mono_domain_finalize
mono_free
mono_domain_get_id
mono_get_runtime_build_info
mono_gc_collect
mono_runtime_set_main_args
mono_assembly_name_free
mono_set_dirs
mono_jit_init_version
mono_domain_is_unloading
mono_profiler_load
mono_domain_set
mono_assembly_set_main
mono_config_parse
mono_gc_max_generation
mono_jit_parse_options
mono_environment_exitcode_get
mono_install_assembly_load_hook
mono_image_close
mono_install_assembly_search_hook
mono_class_get_nested_types
mono_assembly_get_image
mono_install_assembly_preload_hook
mono_class_is_assignable_from
mono_image_open_from_data_with_name
mono_install_assembly_refonly_search_hook
mono_metadata_decode_row
mono_install_assembly_refonly_preload_hook
mono_assembly_get_name
mono_class_get_name
mono_table_info_get_rows
mono_image_get_assembly
mono_assembly_load_from_full
mono_class_get
mono_assembly_invoke_search_hook
mono_object_unbox
mono_image_get_table_info
mono_class_from_name
mono_image_get_filename
mono_class_get_namespace
mono_assembly_name_get_name
mono_image_get_table_rows
mono_assembly_name_get_version
mono_class_get_field_from_name
mono_custom_attrs_from_class
mono_class_get_type
mono_method_get_name
mono_type_get_object
mono_class_get_flags
mono_class_get_parent
mono_signature_get_param_count
mono_method_desc_search_in_class
mono_field_get_name
mono_custom_attrs_has_attr
mono_custom_attrs_free
mono_property_get_name
mono_custom_attrs_get_attr
mono_class_get_fields
mono_class_get_method_from_name
mono_method_desc_new
mono_method_signature
mono_class_get_methods
mono_class_get_nesting_type
mono_method_get_flags
mono_method_desc_free
mono_class_is_delegate
mono_method_get_class
mono_class_get_properties
mono_class_get_property_from_name
mono_field_get_type
mono_class_enum_basetype
mono_string_from_utf16
mono_field_get_flags
mono_field_set_value
mono_custom_attrs_from_field
mono_type_get_array_type
mono_class_is_enum
mono_class_from_mono_type
mono_field_get_value_object
mono_array_new
mono_custom_attrs_from_property
mono_signature_get_return_type
mono_property_get_get_method
mono_property_get_set_method
mono_array_addr_with_size
mono_signature_get_params
mono_gc_wbarrier_set_arrayref
mono_gchandle_new
mono_gchandle_free
mono_gchandle_new_weakref
mono_type_full_name
mono_method_get_param_names
mono_custom_attrs_from_method
mono_get_uint64_class
mono_get_single_class
mono_get_int32_class
mono_get_object_class
mono_method_get_unmanaged_thunk
mono_get_byte_class
mono_get_uint32_class
mono_get_sbyte_class
mono_get_uint16_class
mono_get_boolean_class
mono_get_string_class
mono_get_double_class
mono_get_int64_class
mono_get_int16_class
mono_get_intptr_class
mono_thread_attach
mono_property_get_value
mono_thread_set_main
mono_domain_set_config
mono_thread_current
mono_domain_create_appdomain
mono_thread_detach
mono_object_to_string

Exports

Exports

?_main@@YAHXZ
?widechar_main@@YAHHPEAPEA_W@Z
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
main

Sections

.text
Size: 26.4MB - Virtual size: 26.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 481KB - Virtual size: 559KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 887KB - Virtual size: 886KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

979307b97050d331594ad2fe53cf28cb

Headers

DLL Characteristics

File Characteristics

Imports

winmm

opengl32

kernel32

ole32

user32

gdi32

shell32

advapi32

dinput8

imm32

avrt

dwmapi

iphlpapi

shlwapi

wsock32

ws2_32

bcrypt

steam_api64

mono-2.0-sgen

Exports

Exports

Sections

.text Size: 26.4MB - Virtual size: 26.4MB

.rdata Size: 6.2MB - Virtual size: 6.2MB

.data Size: 481KB - Virtual size: 559KB

.pdata Size: 887KB - Virtual size: 886KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 104KB - Virtual size: 103KB

.reloc Size: 163KB - Virtual size: 162KB

.text
Size: 26.4MB - Virtual size: 26.4MB

.rdata
Size: 6.2MB - Virtual size: 6.2MB

.data
Size: 481KB - Virtual size: 559KB

.pdata
Size: 887KB - Virtual size: 886KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 104KB - Virtual size: 103KB

.reloc
Size: 163KB - Virtual size: 162KB