Mindustry[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Mindustry.exe
Size

584KB
MD5

07f788dd556b612fd064a73913f82bfc
SHA1

3abe2d614dc63ca4d6b9907d36d5c35bd54cf020
SHA256

f9afb4ade0ba4d8cd758fabdb9cd76af2c72b59130140604b29cf02295b74569
SHA512

68de704e7248e647744a44c5cc46b08c97f5c80ae73e009b6c45367dd6691bb331b6d3cf7a0d4503c60be1361f59c734499c77ba1ea5b5b8448a44d5d3385e38
SSDEEP

12288:cPpWdd4P5jtbIHMavP0JLk2KgszHpaHwZMTVLzRBYkd2pA7okT1KP:cPpWdd4P5jtbIHMavP0JLk2KgszHpaQE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Mindustry.exe

Files

Mindustry.exe
.exe windows:6 windows x64 arch:x64

04895ce0ecabcd06e30d0575ce9f13ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Public\gitlab-runner\builds\SoYefdAy\0\NimblyGames\packr\PackrLauncher\build\exe\main\release\windows\PackrLauncher.pdb

Imports

shell32

CommandLineToArgvW

kernel32

GetCurrentProcess
SetEndOfFile
SetStdHandle
GetCommandLineW
SetCurrentDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindNextFileW
GetFullPathNameW
SetUnhandledExceptionFilter
GetLastError
GetModuleHandleW
GetProcAddress
LoadLibraryExW
AddDllDirectory
LocalFree
FormatMessageW
AllocConsole
FreeConsole
AttachConsole
SetConsoleOutputCP
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetStringTypeW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwind
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
HeapSize
RtlPcToFileHeader
RaiseException
RtlUnwindEx
FreeLibrary
SetConsoleCtrlHandler
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
GetModuleFileNameW
WriteConsoleW
WriteFile
HeapAlloc
HeapFree
SetEnvironmentVariableW
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
OutputDebugStringW
HeapReAlloc
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04895ce0ecabcd06e30d0575ce9f13ca

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

kernel32

Exports

Exports

Sections

.text Size: 401KB - Virtual size: 400KB

.rdata Size: 150KB - Virtual size: 149KB

.data Size: 9KB - Virtual size: 17KB

.pdata Size: 18KB - Virtual size: 17KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 401KB - Virtual size: 400KB

.rdata
Size: 150KB - Virtual size: 149KB

.data
Size: 9KB - Virtual size: 17KB

.pdata
Size: 18KB - Virtual size: 17KB

.reloc
Size: 5KB - Virtual size: 4KB