RemasteredLauncherAlpha[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

RemasteredLauncherAlpha.exe
Size

6.1MB
MD5

59face50b1c0779392935dac6b208962
SHA1

bf6c115997e71083a84cf7f9e44844231cdf748b
SHA256

8bd46510cd9df829a362a79bd1dc07fd643f8954cd8a1120cce25b49baef7284
SHA512

b2d499cc4821978c97f86e4a7bec02d31f9ca8f1cc1ff205562179e95e9579381b715871f141ccb46fe89022823525b8971c2db30401d911fb4a8d4f19c2a54e
SSDEEP

49152:HAV6vmYVK5rRprL+baTp0Q4mjNNKcrh2WmW42QLsdvOaJVG7/vnrjd9bVroKJeqL:2brRkqoKJVG7Tbp4f

Score

1^/10

Malware Config

Signatures

Files

RemasteredLauncherAlpha.exe
.exe windows x64

133e3f5f880d9f41cf54eff1305740ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlNtStatusToDosError
NtQueryInformationProcess
NtDeviceIoControlFile
RtlVirtualUnwind
RtlLookupFunctionEntry
NtCreateFile
NtCancelIoFileEx
RtlGetVersion
NtQuerySystemInformation
RtlCaptureContext

opengl32

wglShareLists
wglCreateContext
wglGetProcAddress
wglDeleteContext
wglGetCurrentDC
wglGetCurrentContext
wglMakeCurrent

advapi32

RegOpenKeyExW
RegQueryValueExA
RegCloseKey
RegQueryValueExW

bcrypt

BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptGenRandom

crypt32

CertVerifyCertificateChainPolicy
CertCloseStore
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertDuplicateCertificateContext
CertOpenStore
CertGetCertificateChain
CertDuplicateCertificateChain
CertDuplicateStore
CertFreeCertificateChain

dwmapi

DwmEnableBlurBehindWindow

gdi32

ChoosePixelFormat
GetPixelFormat
DescribePixelFormat
CreateRectRgn
DeleteObject
GetDeviceCaps
SetPixelFormat
SwapBuffers

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

iphlpapi

GetIfEntry2
FreeMibTable
GetIfTable2

kernel32

GetCurrentDirectoryW
AcquireSRWLockShared
ReleaseSRWLockShared
GetDiskFreeSpaceExW
GetTickCount64
QueryPerformanceFrequency
ExitProcess
GlobalMemoryStatusEx
GetLogicalDrives
ReadProcessMemory
GetProcessTimes
LocalFree
GetSystemTimes
GetDriveTypeW
GetVolumeInformationW
DeviceIoControl
PostQueuedCompletionStatus
lstrlenW
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
HeapFree
AcquireSRWLockExclusive
CloseHandle
CopyFileExW
GetLastError
DeleteFileW
HeapAlloc
GetProcessHeap
HeapReAlloc
SwitchToThread
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetSystemInfo
GetCommandLineW
GetCurrentProcessId
WaitForMultipleObjects
GetOverlappedResult
SleepEx
ReadFileEx
WaitForSingleObject
GetExitCodeProcess
GetSystemTimeAsFileTime
OpenProcess
GetProcessIoCounters
ReleaseSRWLockExclusive
GlobalFree
GlobalUnlock
Sleep
GetCurrentThreadId
MultiByteToWideChar
GlobalAlloc
GlobalLock
GetModuleHandleW
LoadLibraryW
QueryPerformanceCounter
GlobalSize
FreeLibrary
GetProcAddress
SetThreadErrorMode
LoadLibraryExW
SetLastError
GetFinalPathNameByHandleW
CreateIoCompletionPort
SetFileCompletionNotificationModes
TryAcquireSRWLockExclusive
GetQueuedCompletionStatusEx
GetModuleHandleA
WakeAllConditionVariable
WakeConditionVariable
SleepConditionVariableSRW
SetHandleInformation
GetCurrentThread
GetStdHandle
GetConsoleMode
WriteConsoleW
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetCurrentProcess
ReleaseMutex
GetEnvironmentVariableW
FormatMessageW
GetModuleFileNameW
CreateFileW
SetFilePointerEx
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFullPathNameW
CreateDirectoryW
FindFirstFileW
FindClose
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
DuplicateHandle
CreateNamedPipeW
CreateThread
WriteFileEx
CreateEventW
CancelIo
ReadFile

netapi32

NetUserGetLocalGroups
NetApiBufferFree
NetQueryDisplayInformation

ole32

OleInitialize
RegisterDragDrop
RevokeDragDrop
CoInitializeSecurity
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

pdh

PdhCloseQuery
PdhGetFormattedCounterValue
PdhLookupPerfNameByIndexW
PdhAddCounterW
PdhOpenQueryA
PdhCollectQueryData
PdhRemoveCounter

powrprof

CallNtPowerInformation

psapi

GetProcessMemoryInfo
GetModuleFileNameExW
EnumProcessModulesEx
GetPerformanceInfo
GetModuleBaseNameW

secur32

AcquireCredentialsHandleA
EncryptMessage
FreeCredentialsHandle
DecryptMessage
QueryContextAttributesW
FreeContextBuffer
InitializeSecurityContextW
AcceptSecurityContext
ApplyControlToken
DeleteSecurityContext

shell32

CommandLineToArgvW
ShellExecuteW
DragQueryFileW
DragFinish

user32

GetKeyboardLayout
GetClipboardData
IsClipboardFormatAvailable
GetMonitorInfoW
GetClipCursor
GetKeyState
CloseTouchInputHandle
ScreenToClient
GetTouchInputInfo
SetCapture
ClipCursor
ToUnicodeEx
GetKeyboardState
DestroyIcon
GetMenu
AdjustWindowRectEx
SystemParametersInfoA
SendMessageW
SetWindowLongW
GetActiveWindow
GetWindowLongW
ShowCursor
RegisterWindowMessageA
ChangeDisplaySettingsExW
SetWindowPlacement
ClientToScreen
ShowWindow
CloseClipboard
RedrawWindow
PostMessageW
GetClientRect
LoadCursorW
SetCursor
OpenClipboard
EmptyClipboard
SetClipboardData
GetSystemMetrics
RegisterClassExW
CreateWindowExW
GetDC
GetWindowPlacement
GetClassNameW
GetClassInfoExW
DefWindowProcW
DestroyWindow
SetWindowTextW
SetWindowPos
InvalidateRgn
GetCursorPos
ReleaseCapture
GetWindowLongPtrW
SetWindowLongPtrW
GetRawInputData
ValidateRect
PostThreadMessageW
PeekMessageW
GetUpdateRect
GetMessageW
TranslateMessage
DispatchMessageW
RegisterTouchWindow
MonitorFromWindow
MapVirtualKeyW
SendInput
SetForegroundWindow
IsProcessDPIAware
CreateIcon
RegisterRawInputDevices
MsgWaitForMultipleObjectsEx
TrackMouseEvent
MonitorFromRect
MapVirtualKeyA

uxtheme

SetWindowTheme

winmm

timeEndPeriod
timeGetDevCaps
timeBeginPeriod

ws2_32

getaddrinfo
bind
WSASend
getsockopt
getpeername
setsockopt
ioctlsocket
WSASocketW
WSAIoctl
freeaddrinfo
WSACleanup
recv
send
shutdown
WSAStartup
connect
closesocket
WSAGetLastError

vcruntime140

__current_exception
__C_specific_handler
__current_exception_context
memcmp
memset
memmove
memcpy
__CxxFrameHandler3
_CxxThrowException

api-ms-win-crt-math-l1-1-0

acosf
sinf
cosf
sin
cos
atan2f
cbrtf
round
trunc
floor
expf
roundf
__setusermatherr
powf
floorf
ceilf
_hypotf
ceil

api-ms-win-crt-string-l1-1-0

strlen
wcslen

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_crt_atexit
terminate
_register_thread_local_exe_atexit_callback
_register_onexit_function
_seh_filter_exe
_c_exit
_cexit
__p___argv
__p___argc
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_set_app_type

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

133e3f5f880d9f41cf54eff1305740ca

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

opengl32

advapi32

bcrypt

crypt32

dwmapi

gdi32

imm32

iphlpapi

kernel32

netapi32

ole32

oleaut32

pdh

powrprof

psapi

secur32

shell32

user32

uxtheme

winmm

ws2_32

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.data Size: 11KB - Virtual size: 12KB

.pdata Size: 126KB - Virtual size: 125KB

.rsrc Size: 311KB - Virtual size: 311KB

.reloc Size: 43KB - Virtual size: 42KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 11KB - Virtual size: 12KB

.pdata
Size: 126KB - Virtual size: 125KB

.rsrc
Size: 311KB - Virtual size: 311KB

.reloc
Size: 43KB - Virtual size: 42KB