Mine Blocks 2[.]0[.]8_rc1[.]exe[.]donotrun

Sharing

Copy URL

Twitter E-mail

General

Target

Mine Blocks 2.0.8_rc1.exe.donotrun
Size

7.7MB
MD5

511371eb60f656d1ad8db97988da019a
SHA1

0d21867a59d879cf1bdd66ba018a691a71c0e243
SHA256

bf04b000526d93bd241e930b4070c96c494d36940d1ad020b873a9d28e3ea26a
SHA512

52266f4d4894feb08d20e1e19177eee1b907dae71bf1f079d68091048425c83095bf898e5103c1eab49b84d2dd97a8a43a2cd8357321513476ddf7dd319fe5fd
SSDEEP

98304:8qqk6OBQlKeWN/+dydTYGZAa3fL1fYJqFDbyr6Q0JqLne0hKkRQC9IeVVwl1eIU/:16O6lKek/LNmofL1fYJql66K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Mine Blocks 2.0.8_rc1.exe.donotrun

Files

Mine Blocks 2.0.8_rc1.exe.donotrun
.exe windows:6 windows x64 arch:x64

f0730b905a4c1081dc135b2d8efa3b81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

MessageBoxA

ws2_32

getaddrinfo
WSAGetLastError
WSAStartup
gethostbyname
socket
shutdown
setsockopt
send
freeaddrinfo
inet_ntoa
inet_addr
htons
ioctlsocket
connect
closesocket
recv

advapi32

CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertOpenSystemStoreA

kernel32

GetProcessHeap
GetCommandLineA
FindFirstFileExW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
SetEnvironmentVariableW
GetFileSizeEx
SetFilePointerEx
GetConsoleOutputCP
FlushFileBuffers
ReadConsoleW
GetConsoleMode
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapSize
SetEndOfFile
GetFileAttributesExW
TlsGetValue
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTime
SystemTimeToFileTime
RtlCaptureContext
TlsSetValue
TlsAlloc
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetCurrentThreadId
FreeLibrary
GetProcAddress
LoadLibraryW
GetCommandLineW
LoadLibraryA
ReadFile
WriteFile
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
CreateProcessW
GetCurrentProcessId
FormatMessageA
SetCurrentDirectoryW
GetCurrentDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFullPathNameW
WriteConsoleW
GetProcessTimes
GetModuleFileNameW
GetLastError
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetSystemTimeAsFileTime
InitializeSListHead
GetLocaleInfoW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsFree
LoadLibraryExW
RtlUnwind
ExitProcess
GetModuleHandleExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetStdHandle
CreateDirectoryW
DeleteFileW
GetStdHandle
HeapFree
HeapAlloc
GetTimeZoneInformation
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
hx_cffi

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.2MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 453KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0730b905a4c1081dc135b2d8efa3b81

Headers

DLL Characteristics

File Characteristics

Imports

user32

ws2_32

advapi32

crypt32

kernel32

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 2.2MB - Virtual size: 2.3MB

.pdata Size: 137KB - Virtual size: 137KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 453KB - Virtual size: 452KB

.reloc Size: 75KB - Virtual size: 75KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 2.2MB - Virtual size: 2.3MB

.pdata
Size: 137KB - Virtual size: 137KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 453KB - Virtual size: 452KB

.reloc
Size: 75KB - Virtual size: 75KB