PDB path: c:\GamePackages\Client\Tools\Patcher\Src\TorrentPatchSfxBuilder\TorrentPatch_x86_MT_VC90.pdb
Static task
static1
Behavioral task
behavioral1
Sample
#Merlis-Patcher.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
#Merlis-Patcher.exe
Resource
win10v2004-20240709-en
General
-
Target
#Merlis-Patcher.exe
-
Size
4.3MB
-
MD5
44bfbb753bc75ccc2c5234d069d19c3e
-
SHA1
acf95b2da37c43c0b1652c8146180125bee9b256
-
SHA256
cf38a224947d295fe7a6dde4a72a85e671a93fda6d46dbb7fa5cdf4d27b2643b
-
SHA512
83e24867c882c7bf6d36edf110dda6133b3ac912b9e207bcb72748c8a7a14488f5d7ae467a9d789efa988649575ff3efac941faf052c52c90f915ac76538410c
-
SSDEEP
98304:dXdPoQHMgtFbcThCI3tT2NVjF0ZH1rgpAhhR2KCobmemiKhqR:LPoQHMgtFkCGSZO9gpAhhb+hqR
Malware Config
Signatures
-
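Unsigned PE (1 IoC)
The sandbox checks whether the PE file lacks an Authenticode signature. This sample has none, so its publisher and integrity cannot be verified from a signature; on its own this is a weak indicator, since many legitimate tools also ship unsigned.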
resource #Merlis-Patcher.exe
Files
-
#Merlis-Patcher.exe.exe windows:5 windows x86 arch:x86
7a8c15a433b2d17cd5700deee519f00f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
DeleteCriticalSection
GetCurrentThreadId
LoadLibraryW
CreateSemaphoreW
ReleaseSemaphore
InterlockedIncrement
InterlockedDecrement
SetThreadPriority
TerminateThread
ResumeThread
TlsGetValue
TlsSetValue
GetProcessAffinityMask
GetCurrentProcess
ExitProcess
GetACP
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
SystemTimeToFileTime
GetTempPathW
FindClose
FindFirstFileW
GetTempFileNameW
GetStdHandle
InitializeCriticalSection
GetTimeZoneInformation
GetThreadLocale
GetCurrentProcessId
GetEnvironmentVariableW
GetCPInfo
IsValidCodePage
GetDiskFreeSpaceW
SetEnvironmentVariableW
GetFileType
GetFileAttributesW
GetWindowsDirectoryW
FindNextFileW
RaiseException
CreateThread
DuplicateHandle
ExpandEnvironmentStringsW
GetCommandLineW
SetErrorMode
SetLastError
LocalAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
MoveFileA
GetFileAttributesA
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapReAlloc
ExitThread
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetDriveTypeA
GetFullPathNameA
GetFullPathNameW
MoveFileW
RemoveDirectoryW
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeW
GetModuleFileNameA
GetCurrentThread
SetHandleCount
VirtualFree
VirtualAlloc
HeapCreate
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
EnumSystemLocalesA
WriteConsoleA
GetConsoleOutputCP
GetCurrentDirectoryA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
CompareStringA
CreateFileMappingW
QueryPerformanceFrequency
CreateEventA
CreateSemaphoreA
CreateIoCompletionPort
GetQueuedCompletionStatus
InterlockedExchangeAdd
PostQueuedCompletionStatus
QueueUserAPC
SleepEx
DeviceIoControl
SetFilePointerEx
ReadFileScatter
GetOverlappedResult
WriteFileGather
VirtualLock
VirtualUnlock
GetFileAttributesExW
FormatMessageA
ResetEvent
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
lstrcpyA
GetSystemTime
SetThreadAffinityMask
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryA
CreateFileA
ReadFile
SetFilePointer
UnmapViewOfFile
GetSystemInfo
CreateFileMappingA
OutputDebugStringA
MapViewOfFile
SetEvent
WaitForSingleObject
CreateEventW
TlsFree
TlsAlloc
GetModuleHandleW
DeleteFileW
WriteFile
CreateDirectoryW
DeleteFileA
GetTickCount
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
LocalFree
FormatMessageW
CreateProcessW
SetFileTime
TerminateProcess
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExW
GetFileSize
GetCurrentDirectoryW
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GetFileTime
GetFileSizeEx
CreateFileW
SetCurrentDirectoryW
CopyFileW
GetModuleFileNameW
Sleep
OpenMutexW
ReleaseMutex
CloseHandle
GetLastError
OutputDebugStringW
CreateMutexW
VirtualQuery
user32
SetWindowTextW
InvalidateRect
EndDeferWindowPos
BeginDeferWindowPos
GetWindow
GetMessageTime
SystemParametersInfoW
GetMenuItemInfoW
GetActiveWindow
CallNextHookEx
RegisterHotKey
UnregisterHotKey
UnhookWindowsHookEx
GetCapture
PtInRect
IsWindow
TrackPopupMenu
IsDialogMessageW
SetWindowsHookExW
GetSysColor
GetUpdateRgn
InflateRect
GetIconInfo
CreateIconIndirect
EndPaint
GetWindowDC
BeginPaint
LoadBitmapW
DestroyIcon
LoadImageW
CreateDialogParamW
GetDlgItem
DrawFrameControl
DrawIconEx
GetClassNameW
GetWindowTextW
GetWindowTextLengthW
SetMenu
DrawIcon
GetUpdateRect
BringWindowToTop
IsZoomed
IsIconic
GetDesktopWindow
GetSystemMenu
FlashWindow
CreateDialogIndirectParamW
GetForegroundWindow
DrawTextW
CopyRect
DrawFocusRect
OffsetRect
GetMessageW
ValidateRect
MapWindowPoints
DestroyCursor
keybd_event
IsClipboardFormatAvailable
HideCaret
DestroyAcceleratorTable
CreateAcceleratorTableW
TranslateAcceleratorW
DrawEdge
UnionRect
ChildWindowFromPoint
DefFrameProcW
TranslateMDISysAccel
DefMDIChildProcW
GetMenuStringW
GetMessagePos
DrawStateW
DrawStateA
RegisterClipboardFormatW
ChangeDisplaySettingsW
EnumDisplaySettingsW
SetScrollInfo
KillTimer
GetFocus
DispatchMessageA
PeekMessageA
SetWindowPos
SetWindowLongW
FillRect
GetWindowRect
GetAsyncKeyState
VkKeyScanW
DispatchMessageW
TranslateMessage
ReleaseDC
GetDC
CheckMenuRadioItem
CheckMenuItem
InsertMenuItemW
EnableMenuItem
GetMenuItemCount
GetSubMenu
CreateMenu
AppendMenuW
DrawMenuBar
GetMenuState
InsertMenuW
RemoveMenu
ModifyMenuW
DestroyMenu
CreatePopupMenu
SetMenuItemInfoW
UnregisterClassW
GetKeyState
RegisterWindowMessageW
DdePostAdvise
DdeConnect
DdeNameService
DdeCreateStringHandleW
DdeClientTransaction
DdeDisconnect
DdeInitializeW
DdeGetLastError
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeUninitialize
DdeQueryStringW
DdeFreeStringHandle
DestroyWindow
SendMessageW
SetCursor
RegisterClassW
MessageBeep
PeekMessageW
MessageBoxW
PostThreadMessageW
MessageBoxA
GetScrollInfo
IsWindowEnabled
SetCursorPos
ReleaseCapture
SetCapture
IsWindowVisible
CallWindowProcW
DeferWindowPos
ClientToScreen
ScreenToClient
UpdateWindow
RedrawWindow
SetParent
GetCursorPos
WindowFromPoint
SetForegroundWindow
RegisterClipboardFormatA
OpenClipboard
SetClipboardData
CloseClipboard
SetWindowRgn
GetWindowLongW
GetClientRect
AdjustWindowRectEx
PostQuitMessage
DefWindowProcW
LoadIconW
LoadCursorW
CreateWindowExW
MoveWindow
GetSystemMetrics
PostMessageW
GetParent
SetTimer
ScrollWindow
ShowWindow
EnableWindow
ShowCursor
SetFocus
gdi32
Arc
CreateSolidBrush
SelectClipRgn
GetTextColor
GetBkColor
SetMapMode
GetRegionData
ExtCreateRegion
OffsetRgn
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
GetTextExtentExPointW
GetCharABCWidthsW
SetROP2
TextOutW
PolyBezier
Polyline
SetPixel
GetPixel
ExtFloodFill
ExtSelectClipRgn
GetClipBox
SetTextColor
SetStretchBltMode
SaveDC
RestoreDC
SetBkMode
SetBkColor
CreateBitmap
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateCompatibleDC
GetPaletteEntries
GetObjectW
ExcludeClipRect
CreateRectRgn
GetTextExtentPoint32W
SelectPalette
RealizePalette
GdiFlush
SelectObject
GetTextMetricsW
GetDeviceCaps
CreateFontIndirectW
DeleteEnhMetaFile
CopyEnhMetaFileW
GetEnhMetaFileW
CreateDCW
StartDocW
EndPage
StartPage
EndDoc
SetAbortProc
EnumFontFamiliesExW
CreateICW
PatBlt
GetDIBColorTable
CreateDIBitmap
GetDIBits
CreateDIBSection
SetTextAlign
CreateRectRgnIndirect
GetSystemPaletteEntries
CombineRgn
RectInRegion
PtInRegion
EqualRgn
GetRgnBox
MoveToEx
LineTo
CreatePen
ExtCreatePen
CreatePatternBrush
CreateHatchBrush
CreatePalette
GetNearestPaletteIndex
Pie
Polygon
SetPolyFillMode
PolyPolygon
Rectangle
RoundRect
Ellipse
GetStockObject
SetBrushOrgEx
MaskBlt
StretchBlt
StretchDIBits
DeleteObject
shell32
ShellExecuteW
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
Shell_NotifyIconW
DragAcceptFiles
DragFinish
DragQueryPoint
DragQueryFileW
ExtractIconW
ExtractIconExW
SHFileOperationW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
OleGetClipboard
OleCreate
OleSetContainedObject
oleaut32
SysAllocString
VariantClear
comctl32
ImageList_BeginDrag
ord17
ord16
CreateStatusWindowW
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
wininet
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetReadFile
InternetCloseHandle
InternetQueryDataAvailable
ws2_32
getpeername
WSAStartup
WSACleanup
ntohl
htonl
WSASetLastError
WSAAddressToStringA
WSAGetLastError
WSAStringToAddressA
htons
ntohs
setsockopt
WSASocketW
closesocket
bind
listen
WSAIoctl
WSASend
getservbyname
gethostbyname
getsockopt
getsockname
WSASendTo
WSARecvFrom
ioctlsocket
connect
WSARecv
accept
inet_addr
select
__WSAFDIsSet
socket
mswsock
GetAcceptExSockaddrs
AcceptEx
winmm
timeGetTime
comdlg32
PageSetupDlgW
CommDlgExtendedError
PrintDlgW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW
advapi32
EqualSid
GetTokenInformation
AllocateAndInitializeSid
FreeSid
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
OpenThreadToken
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 630KB - Virtual size: 629KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 102KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.SHARED Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 139KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 288KB - Virtual size: 287KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ