C:\Users\build\AppData\Local\Temp\factorio-build-Im5Iel\bin\FinalReleasex64vs2017\factorio.pdb
Static task
static1
Behavioral task
behavioral1
Sample
factorio.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
factorio.exe
Resource
win10-20240404-en
General
Target
factorio.exe
Size
28.1MB
MD5
a1b794141309e33988e44292267b7075
SHA1
28f7a735e9bd28771b00e3666993351d69914ada
SHA256
b7b4b834fca2e32afa9d3476eb42cc09b02f1205be97f688dc6fc6ace7ba8fe1
SHA512
bd19d3aedb3cbebd7f142fac5580f6670c1fdf5c811458f2096d30207f5320becc57684b3a41e52ced41f7f34e818a19e496f1109060243d1deff662ee4a9ad6
SSDEEP
196608:yfPePCW4laUMLen9vpSPDF2Vn28P0wMflmsVyK6+uwDK7CMnjiw2SXXS:KemlVHgD4n2JyK4b2w2SS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource factorio.exe
Files
factorio.exe.exe windows:6 windows x64 arch:x64
d08b574f4e30dc4a091c83e7e2a68478
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
dnsapi
DnsFree
DnsQuery_UTF8
wldap32
ord30
ord35
ord32
ord217
ord50
ord143
ord301
ord22
ord46
ord45
ord26
ord27
ord200
ord79
ord33
ord41
ord211
ord60
gdi32
CombineRgn
CreateRectRgn
GetDIBits
CreateCompatibleBitmap
SetPixelFormat
GetPixelFormat
SwapBuffers
ChoosePixelFormat
DescribePixelFormat
BitBlt
StretchDIBits
SetPixel
GetRegionData
SetDCBrushColor
CreateBitmap
GetICMProfileW
SetDeviceGammaRamp
CreateDCW
GetDeviceGammaRamp
GetTextExtentPoint32A
CreateCompatibleDC
GetTextMetricsW
DeleteDC
CreateFontIndirectW
DeleteObject
CreateSolidBrush
SelectObject
GetStockObject
GetDeviceCaps
Rectangle
CreateDIBSection
ole32
CoCreateInstance
CoSetProxyBlanket
CoInitialize
CoInitializeEx
CoTaskMemFree
PropVariantClear
CLSIDFromString
CoUninitialize
CoInitializeSecurity
winmm
timeGetTime
timeBeginPeriod
timeEndPeriod
psapi
GetModuleFileNameExW
EnumProcessModules
GetPerformanceInfo
GetProcessMemoryInfo
GetModuleFileNameExA
GetModuleInformation
gdiplus
GdipGetImageWidth
GdipSaveImageToStream
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipGetImageEncoders
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipFree
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
shell32
DragQueryFileW
ord190
ShellExecuteExW
ShellExecuteA
ord155
SHGetFolderPathW
SHOpenFolderAndSelectItems
ShellExecuteW
DragFinish
ExtractIconExW
DragAcceptFiles
shlwapi
PathFindOnPathA
ord12
user32
SetWindowPos
MonitorFromRect
SetActiveWindow
SendMessageW
RemovePropW
SetWindowTextW
ShowWindow
GetMonitorInfoW
RegisterClassW
AttachThreadInput
CreateIconFromResource
UnhookWindowsHookEx
SetLayeredWindowAttributes
IntersectRect
SetPropW
SetWindowsHookExW
FlashWindowEx
SetWindowLongW
GetParent
PtInRect
SetForegroundWindow
GetWindowTextW
RegisterRawInputDevices
GetRawInputDeviceInfoA
GetRawInputDeviceList
DestroyWindow
CreateWindowExW
RegisterDeviceNotificationW
PostThreadMessageW
UnregisterDeviceNotification
GetDesktopWindow
SetWindowLongPtrW
EndDialog
GetWindowLongPtrW
DialogBoxIndirectParamW
SetFocus
SystemParametersInfoA
GetDlgItem
DrawTextW
SystemParametersInfoW
ReleaseDC
GetDoubleClickTime
MapVirtualKeyW
GetKeyboardState
ToUnicode
RegisterWindowMessageA
GetWindowLongW
GetMessageW
DefWindowProcW
AdjustWindowRectEx
GetKeyState
GetMessageExtraInfo
CallWindowProcW
PostMessageW
GetWindowRect
GetMenu
GetDC
GetFocus
FillRect
ScreenToClient
CallNextHookEx
GetSystemMetrics
UnregisterClassW
RegisterClassExW
GetAsyncKeyState
DispatchMessageW
SetTimer
DestroyIcon
ClientToScreen
PeekMessageW
GetRawInputData
ValidateRect
TrackMouseEvent
GetClipCursor
IsRectEmpty
GetUpdateRect
TranslateMessage
LoadIconW
ClipCursor
SetCursor
GetClientRect
KillTimer
GetClassInfoExW
InvalidateRect
IsIconic
GetCursorPos
GetClipboardData
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
RegisterClassExA
MessageBoxW
CreateWindowExA
MonitorFromWindow
EnumDisplayMonitors
MapVirtualKeyA
MessageBoxA
GetMonitorInfoA
EnumDisplaySettingsA
GetForegroundWindow
ChangeWindowMessageFilter
UnregisterClassA
RegisterWindowMessageW
GetClipboardSequenceNumber
GetWindowTextLengthW
GetWindowThreadProcessId
SetCursorPos
ReleaseCapture
SetCapture
LoadCursorW
GetUpdateRgn
GetCapture
GetWindowInfo
BeginPaint
EndPaint
LoadCursorA
CreateIconIndirect
CopyImage
SetWindowRgn
EnumDisplaySettingsW
EnumDisplayDevicesW
MonitorFromPoint
ChangeDisplaySettingsExW
GetPropW
EnumDisplayDevicesA
imm32
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW
ImmAssociateContext
oleaut32
VariantClear
SysAllocString
VariantInit
SysFreeString
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
kernel32
RtlVirtualUnwind
UnhandledExceptionFilter
GetStartupInfoW
RtlUnwindEx
InterlockedPushEntrySList
TlsFree
ExitThread
FreeLibraryAndExitThread
RtlLookupFunctionEntry
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
RemoveDirectoryW
GetDriveTypeW
SetEnvironmentVariableW
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
GetCommandLineW
SetConsoleCtrlHandler
InitializeSListHead
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
HeapReAlloc
GetTimeZoneInformation
SetStdHandle
HeapSize
GetCPInfo
CompareStringEx
EncodePointer
LCMapStringEx
IsValidCodePage
GetSystemTimeAsFileTime
GetLocaleInfoEx
GetStringTypeW
InitOnceBeginInitialize
InitOnceComplete
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
GetNativeSystemInfo
GetExitCodeThread
SwitchToThread
RtlPcToFileHeader
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
GetFileInformationByHandleEx
MoveFileExW
CopyFileW
AreFileApisANSI
SetFileInformationByHandle
SetFileAttributesW
SetEndOfFile
GetFullPathNameW
GetFinalPathNameByHandleW
GetFileInformationByHandle
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
ReadProcessMemory
GetThreadContext
GetVersionExA
GetFileAttributesA
ResumeThread
GetCurrentDirectoryA
SuspendThread
RtlCaptureContext
MoveFileExA
PeekNamedPipe
GetSystemDirectoryA
VerifyVersionInfoA
SleepEx
SetLastError
FormatMessageA
OutputDebugStringA
CreateEventA
CreateWaitableTimerA
SetEvent
WaitForMultipleObjects
SetWaitableTimer
CreateSemaphoreA
InitializeCriticalSection
GetCommandLineA
GetTempPathW
GetModuleFileNameA
GetOverlappedResult
ResetEvent
DeviceIoControl
CancelIo
TlsGetValue
TlsAlloc
TlsSetValue
CreateSemaphoreW
ReleaseSemaphore
GetSystemPowerStatus
GetModuleHandleExW
CreateFileA
CreateEventW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
TryEnterCriticalSection
CreateThread
WaitForSingleObjectEx
SetThreadPriority
LoadLibraryW
LoadLibraryExW
QueryPerformanceCounter
OutputDebugStringW
ExitProcess
MulDiv
GetTickCount
SetFilePointerEx
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
SetFilePointer
SetErrorMode
WriteFile
GetFileSizeEx
ReadFile
SetEnvironmentVariableA
GetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
SetUnhandledExceptionFilter
IsDebuggerPresent
Process32First
GetConsoleScreenBufferInfo
SetConsoleActiveScreenBuffer
GetCurrentProcess
SetConsoleScreenBufferSize
GetStdHandle
TerminateProcess
GetModuleFileNameW
LockFile
CreateConsoleScreenBuffer
InitializeCriticalSectionEx
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
HeapValidate
GetModuleHandleA
FindFirstChangeNotificationW
OpenProcess
CreateToolhelp32Snapshot
Sleep
GetModuleHandleExA
FormatMessageW
GetLastError
AttachConsole
GetFileAttributesExW
GetCurrentThread
FindCloseChangeNotification
LoadLibraryA
QueryPerformanceFrequency
DeleteFileW
Process32Next
CloseHandle
RaiseException
FindNextChangeNotification
DecodePointer
UnlockFile
GetProcAddress
LocalFree
DeleteCriticalSection
VerSetConditionMask
GetCurrentProcessId
GetProcessHeap
GlobalMemoryStatusEx
SetThreadExecutionState
GetModuleHandleW
FreeLibrary
VerifyVersionInfoW
SetConsoleOutputCP
GetFileType
WriteConsoleInputA
AllocConsole
OpenThread
RtlUnwind
advapi32
CryptGenRandom
GetUserNameA
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptReleaseContext
iphlpapi
GetIpAddrTable
ws2_32
socket
ntohl
gethostname
ioctlsocket
WSAIoctl
WSASetLastError
getpeername
getsockname
send
WSAStartup
getaddrinfo
listen
select
ntohs
connect
WSAAddressToStringW
recvfrom
recv
getsockopt
WSACleanup
__WSAFDIsSet
htonl
htons
freeaddrinfo
sendto
setsockopt
WSAGetLastError
accept
closesocket
bind
crypt32
CertGetNameStringW
CryptVerifyMessageSignature
CertCreateCertificateChainEngine
CertFindExtension
PFXImportCertStore
CertFreeCertificateContext
CryptStringToBinaryA
CertGetNameStringA
CertFreeCertificateChain
CryptQueryObject
CertAddCertificateContextToStore
CertFreeCertificateChainEngine
CertGetCertificateChain
CryptDecodeObjectEx
CertOpenStore
CertFindCertificateInStore
CertCloseStore
CertEnumCertificatesInStore
dsound
ord12
ord11
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
wintrust
WinVerifyTrust
imagehlp
ImageGetCertificateHeader
ImageGetCertificateData
ImageEnumerateCertificates
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_buffinitsize
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_checkunsigned
luaL_checkversion_
luaL_error
luaL_execresult
luaL_fileresult
luaL_getmetafield
luaL_getsubtable
luaL_gsub
luaL_len
luaL_loadbufferx
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlib
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_optunsigned
luaL_prepbuffsize
luaL_pushmodule
luaL_pushresult
luaL_pushresultsize
luaL_ref
luaL_requiref
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_tolstring
luaL_traceback
luaL_unref
luaL_where
lua_absindex
lua_arith
lua_atpanic
lua_callk
lua_checkstack
lua_close
lua_compare
lua_concat
lua_copy
lua_createtable
lua_dump
lua_error
lua_gc
lua_getallocf
lua_getctx
lua_getfield
lua_getglobal
lua_gethook
lua_gethookcount
lua_gethookmask
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_getuservalue
lua_insert
lua_iscfunction
lua_isnumberorstringconvertabletonumber
lua_isstringornumberconvertabletostring
lua_isuserdata
lua_len
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_pcallk
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushunsigned
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawgetp
lua_rawlen
lua_rawset
lua_rawseti
lua_rawsetp
lua_remove
lua_replace
lua_setallocf
lua_setfield
lua_setglobal
lua_sethook
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_setuservalue
lua_status
lua_toboolean
lua_tocfunction
lua_tointegerx
lua_tolstring
lua_tonumberx
lua_topointer
lua_tothread
lua_tounsignedx
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_xmove
Sections
.text Size: 20.9MB - Virtual size: 20.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5.3MB - Virtual size: 5.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 719KB - Virtual size: 917KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 752KB - Virtual size: 752KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 252B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 450KB - Virtual size: 450KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ