AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Static task
static1
1 signatures
General
-
Target
Mine-imator.exe
-
Size
36.4MB
-
MD5
5e1684732a40db575972f6f49a642c14
-
SHA1
d7611d2a7eb68d454ed7a46471d836ed89efe1e5
-
SHA256
d3abbbd29640bc9015239b128974066d8abed9e71eefe0cd5d1dc1a78b3c5e6b
-
SHA512
f88221c614ab5abdc177bb5d40cead37aa345439cc7123c81e72e5e0aab76bf42610d803dee5f68b334a2fbcff86b6da5b533557e468fd93c8a62f8418f4dd6a
-
SSDEEP
393216:P2WMu1FVbQ7EL5d54pIvYVGrh75cg5wZRlJW0xveKzRU+C9M7QJsv6tWKFdu9C9m:P2+NEiaRlkiRUPO7p
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Mine-imator.exe
Files
-
Mine-imator.exe.exe windows:6 windows x64 arch:x64
Password: BJNK
03f9586a152274cc094053e9f0b5fd8b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
d3d11
D3D11CreateDevice
kernel32
GetStartupInfoW
FlushFileBuffers
GetLogicalDrives
SetEndOfFile
SetErrorMode
GetCurrentDirectoryW
CreateDirectoryW
GetFileInformationByHandle
GetFullPathNameW
RemoveDirectoryW
SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
DeviceIoControl
CopyFileW
MoveFileW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetFileInformationByHandleEx
FindFirstFileExW
CompareStringW
LCMapStringW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
GetModuleHandleExW
UnregisterWaitEx
RegisterWaitForSingleObject
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
GetExitCodeProcess
CreateMutexW
VirtualAlloc
VirtualFree
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToFiber
DeleteFiber
CreateFiber
GetEnvironmentVariableW
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiber
SetConsoleMode
ReadConsoleA
ReadConsoleW
GetUserDefaultLCID
UnhandledExceptionFilter
RtlLookupFunctionEntry
TerminateProcess
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetExitCodeThread
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
TryAcquireSRWLockExclusive
RtlPcToFileHeader
RtlUnwindEx
IsWow64Process
LocalAlloc
LocalFree
FormatMessageA
MultiByteToWideChar
MoveFileExW
DeleteFileW
GetFileAttributesExW
SetFileAttributesW
GetFileAttributesW
CreateFileW
GetFileType
GetUserPreferredUILanguages
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
SetUnhandledExceptionFilter
RtlUnwind
ExitThread
FreeLibraryAndExitThread
IsProcessorFeaturePresent
OutputDebugStringW
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
CreateThread
RtlCaptureContext
WriteFile
CloseHandle
GetLastError
GetTickCount
GetFileSizeEx
GetFileTime
ReadFile
SetFilePointerEx
IsDebuggerPresent
DebugBreak
ResetEvent
WaitForSingleObjectEx
CreateEventW
WideCharToMultiByte
FindClose
FindFirstFileW
FindNextFileW
GetCurrentThread
SetThreadPriority
GetModuleFileNameW
RaiseException
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
FreeLibrary
GetProcAddress
LoadLibraryW
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
FormatMessageW
WaitForMultipleObjects
GlobalFree
SetHandleInformation
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
MoveFileExA
InitOnceBeginInitialize
InitOnceComplete
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitializeSRWLock
InitializeConditionVariable
GetModuleHandleW
GetStdHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
GetCommandLineA
SetStdHandle
GetConsoleOutputCP
SetConsoleCtrlHandler
HeapFree
HeapAlloc
HeapReAlloc
IsValidLocale
EnumSystemLocalesW
HeapSize
HeapQueryInformation
IsValidCodePage
GetACP
GetOEMCP
SetEnvironmentVariableW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
CreateSemaphoreW
InitializeSListHead
SwitchToThread
GetConsoleMode
SetEvent
DuplicateHandle
GetLocalTime
GetSystemTime
GetCommandLineW
CompareStringEx
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetUserDefaultLangID
GetCurrentProcessId
GlobalSize
GetLocaleInfoW
GlobalLock
GlobalUnlock
GlobalAlloc
OpenProcess
CheckRemoteDebuggerPresent
CreateProcessW
ExpandEnvironmentStringsW
WTSGetActiveConsoleSessionId
GetCurrentThreadId
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
lstrcmpW
GetConsoleWindow
LoadLibraryA
LoadLibraryExW
LoadLibraryExA
GetSystemDirectoryW
CreateMutexA
ReleaseMutex
GetProcessAffinityMask
GetCurrentProcess
GetSystemTimeAsFileTime
Sleep
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
WriteConsoleW
user32
EnumWindows
GetWindowTextW
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
EnumDisplayDevicesW
RegisterClassW
ChangeWindowMessageFilterEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
TrackPopupMenuEx
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
IsHungAppWindow
LoadIconW
SetTimer
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
DrawMenuBar
SetMenu
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
WindowFromPoint
GetCursorPos
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
GetForegroundWindow
GetDC
ReleaseDC
GetSystemMenu
EnableMenuItem
GetSystemMetrics
KillTimer
CharNextExA
RegisterDeviceNotificationW
GetSysColor
SystemParametersInfoW
GetDesktopWindow
MessageBoxW
DefWindowProcW
DestroyWindow
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
PostMessageW
AttachThreadInput
CreateWindowExW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
UnregisterDeviceNotification
DestroyCursor
DrawIconEx
RealGetWindowClassW
GetProcessWindowStation
GetUserObjectInformationW
EnumDisplayMonitors
SetCapture
ReleaseCapture
GetMenu
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
SetWindowTextW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursor
ClientToScreen
ScreenToClient
GetWindowLongW
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetParent
SetParent
GetWindowThreadProcessId
GetWindow
DestroyIcon
gdi32
GetBitmapBits
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
EnumFontFamiliesExW
CreateFontIndirectW
GetObjectW
GetDIBits
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
SetLayout
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
CombineRgn
shell32
SHGetStockIconInfo
SHGetFileInfoW
Shell_NotifyIconW
SHCreateItemFromParsingName
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHGetMalloc
SHGetKnownFolderPath
Shell_NotifyIconGetRect
SHCreateItemFromIDList
ShellExecuteW
ord727
CommandLineToArgvW
ole32
CoUninitialize
CoGetMalloc
ReleaseStgMedium
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
OleUninitialize
OleInitialize
RevokeDragDrop
CoLockObjectExternal
CoCreateGuid
StringFromGUID2
CoInitialize
CLSIDFromString
StringFromCLSID
CoTaskMemFree
PropVariantClear
CoCreateInstance
CoInitializeEx
RegisterDragDrop
oleaut32
SysAllocString
SafeArrayCreateVector
SysFreeString
SafeArrayPutElement
advapi32
DeregisterEventSource
RegCloseKey
RegNotifyChangeKeyValue
RegOpenKeyExW
RegQueryValueExW
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
SystemFunction036
OpenProcessToken
AccessCheck
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
CryptGenRandom
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
GetSecurityInfo
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
GetLengthSid
imm32
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetOpenStatus
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetDefaultIMEWnd
userenv
GetUserProfileDirectoryW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
netapi32
NetApiBufferFree
NetShareEnum
ws2_32
recv
htonl
ntohl
getaddrinfo
freeaddrinfo
getnameinfo
getsockopt
__WSAFDIsSet
bind
closesocket
getpeername
getsockname
WSASetLastError
send
WSAAsyncSelect
WSACleanup
WSAStartup
gethostname
WSASocketW
WSASendTo
WSASend
WSARecvFrom
WSARecv
WSANtohs
WSANtohl
WSAIoctl
WSAHtonl
WSAConnect
WSAAccept
WSAGetLastError
setsockopt
select
listen
htons
winmm
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveOutGetDevCapsW
waveOutGetNumDevs
waveInGetNumDevs
timeKillEvent
timeSetEvent
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInStop
waveInReset
PlaySoundW
waveInUnprepareHeader
uxtheme
GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
ord47
GetThemeInt
IsThemeBackgroundPartiallyTransparent
GetThemeBool
SetWindowTheme
IsThemeActive
IsAppThemed
GetCurrentThemeName
GetThemeBackgroundRegion
GetThemePartSize
OpenThemeData
GetThemeColor
dwmapi
DwmSetWindowAttribute
DwmIsCompositionEnabled
DwmGetWindowAttribute
DwmEnableBlurBehindWindow
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
iphlpapi
ConvertInterfaceLuidToGuid
GetAdaptersAddresses
ConvertInterfaceNameToLuidW
ConvertInterfaceLuidToNameW
ConvertInterfaceLuidToIndex
ConvertInterfaceIndexToLuid
crypt32
CertCloseStore
CertFindCertificateInStore
CertOpenSystemStoreW
CertOpenStore
CertCreateCertificateContext
CertFreeCertificateContext
CertAddCertificateContextToStore
CertGetCertificateChain
CertFreeCertificateChain
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
vcomp140
omp_set_num_threads
_vcomp_for_dynamic_next
_vcomp_fork
omp_get_max_threads
_vcomp_for_dynamic_init
_vcomp_reduction_i8
omp_get_num_threads
omp_get_thread_num
_vcomp_for_dynamic_next_i8
_vcomp_for_dynamic_init_i8
bcrypt
BCryptFinishHash
BCryptHashData
BCryptCreateHash
BCryptDestroyKey
BCryptGenRandom
BCryptGetProperty
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptOpenAlgorithmProvider
BCryptDeriveKeyPBKDF2
BCryptDestroyHash
BCryptEncrypt
BCryptGenerateSymmetricKey
mfplat
MFStartup
MFCreateSample
MFCreateAlignedMemoryBuffer
MFShutdown
MFCreateMediaType
Exports
Exports
Sections
.text Size: 24.6MB - Virtual size: 24.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9.3MB - Virtual size: 9.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 890KB - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 922KB - Virtual size: 921KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmetad Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmimed Size: 315KB - Virtual size: 315KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 1024B - Virtual size: 768B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 280KB - Virtual size: 279KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 150KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ