FinobeLauncher[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

FinobeLauncher.exe
Size

1.1MB
MD5

0e6b6e0a005aa9e6612acf4bc2a73465
SHA1

27d528cce9ab7e9a5e0e1bf5f89e1022811b3555
SHA256

68e9ee22024c6ba4c91bf1a3bcda8e8e4e18e17850504c287d82db25c2281964
SHA512

37b9bc7a8d5f8834ee307e9ed51b7c957ab8bffb65e0a26aca540628eaefa5191d765141a9aa73a24ce4dbbef53005a1c3b7caf42e7bd7ab058f01117311f428
SSDEEP

24576:hvQtxwlvJPq2Nxdrej8QTWcJjsfT2WqGU380NLpJMHpZGTsJJ958y:uPwrX88QTyT2JfM0NLpJMHpZGTsJJ95n

Score

N/A

Malware Config

Signatures

Files

FinobeLauncher.exe
.exe windows x86

22e6cf761842e8cf7efe1c5e4a73893a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathW
DeleteFileW
GetVersionExW
lstrcmpW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
WaitForSingleObject
InterlockedDecrement
ReleaseMutex
CreateMutexW
SetEvent
ResetEvent
OpenEventW
CreateEventW
CloseHandle
CreateEventA
GetSystemTime
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
SetEndOfFile
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetACP
GetStdHandle
ExitProcess
ReadFile
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
RtlUnwind
FormatMessageA
SystemTimeToFileTime
CreateWaitableTimerA
GetLastError
MultiByteToWideChar
HeapSize
ResumeThread
InitializeCriticalSectionAndSpinCount
HeapFree
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
InterlockedExchange
InterlockedExchangeAdd
WaitForMultipleObjects
TerminateThread
QueueUserAPC
SleepEx
PostQueuedCompletionStatus
CreateIoCompletionPort
SetWaitableTimer
GetQueuedCompletionStatus
InterlockedCompareExchange
SetLastError
VerSetConditionMask
VerifyVersionInfoW
Sleep
TlsGetValue
TlsSetValue
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
TlsFree
GetTickCount
GetModuleHandleA
CreateSemaphoreA
GetSystemTimeAsFileTime
ReleaseSemaphore
LocalFree
GetCurrentThreadId
GetCurrentProcess
GetCurrentThread
DuplicateHandle
LoadLibraryW
FreeLibrary
CreateProcessW
TerminateProcess
GetUserGeoID
GetGeoInfoW
CompareFileTime
FindFirstFileW
FindNextFileW
FindClose
lstrlenW
GetLocalTime
OpenProcess
CreateDirectoryW
GetDiskFreeSpaceExW
SetFileAttributesW
RemoveDirectoryW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetShortPathNameW
FormatMessageW
CreateFileW
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
MulDiv
WaitForSingleObjectEx
GetExitCodeProcess
lstrcpyW
lstrcatW
WriteFile
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
IsDebuggerPresent
OutputDebugStringW
SwitchToThread
EncodePointer
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
OpenEventA

user32

LoadBitmapW
CreateWindowExW
SetWindowLongW
ShowWindow
InvalidateRect
GetWindowRect
DefWindowProcW
GetWindowLongW
CallWindowProcW
AllowSetForegroundWindow
CharNextW
CharUpperW
MessageBoxA
SendMessageW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SetFocus
SetWindowPos
MessageBoxW
PostThreadMessageW
GetWindowThreadProcessId
EnumWindows
GetDlgItem
PostQuitMessage
GetParent
FillRect
EndPaint
LoadIconW
RegisterClassW
GetSystemMetrics
GetDC
ReleaseDC
BeginPaint
KillTimer
DestroyWindow
EnableWindow
IsWindowVisible
SetForegroundWindow
PostMessageW
GetWindowTextW
SetWindowTextW
SetTimer

gdi32

CreateFontW
GetDeviceCaps
DeleteObject
Rectangle
SelectObject
CreatePen
SetBkMode
SetTextColor
GetStockObject
CreateSolidBrush

advapi32

CopySid
CheckTokenMembership
DuplicateToken
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
RegFlushKey
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptDestroyHash
IsValidSid
GetLengthSid
CryptHashData
OpenProcessToken
OpenThreadToken
CryptGetHashParam
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
GetTokenInformation
InitializeSid
GetSidLengthRequired
GetSidSubAuthority

shell32

SHGetFolderPathAndSubDirW
ShellExecuteExW
ShellExecuteW

ole32

CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
StringFromGUID2

oleaut32

VariantClear
VariantInit
RegisterTypeLi
SysFreeString
SysAllocString

shlwapi

StrCmpW
StrCmpNW
StrDupW
StrRChrW
StrCpyW
PathFileExistsW
PathAddBackslashW
StrStrW
SHDeleteKeyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

select
WSASocketW
setsockopt
WSAGetLastError
getaddrinfo
freeaddrinfo
connect
getsockopt
ioctlsocket
WSASetLastError
closesocket
WSARecv
WSAStartup
WSACleanup
WSASend

wininet

InternetReadFile
HttpSendRequestW
InternetQueryDataAvailable
HttpAddRequestHeadersW
InternetSetOptionW
InternetConnectW
HttpSendRequestExW
InternetOpenW
HttpQueryInfoW
HttpEndRequestW
HttpOpenRequestW
InternetWriteFile
InternetCloseHandle

sensapi

IsNetworkAlive

userenv

UnloadUserProfile

comctl32

InitCommonControlsEx
_TrackMouseEvent

psapi

GetProcessImageFileNameW
EnumProcesses

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 435KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 405KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22e6cf761842e8cf7efe1c5e4a73893a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

version

ws2_32

wininet

sensapi

userenv

comctl32

psapi

iphlpapi

Sections

.text Size: 435KB - Virtual size: 435KB

.rdata Size: 176KB - Virtual size: 176KB

.data Size: 41KB - Virtual size: 45KB

.rsrc Size: 405KB - Virtual size: 405KB

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 435KB - Virtual size: 435KB

.rdata
Size: 176KB - Virtual size: 176KB

.data
Size: 41KB - Virtual size: 45KB

.rsrc
Size: 405KB - Virtual size: 405KB

.reloc
Size: 29KB - Virtual size: 29KB