ProjectLoader[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ProjectLoader.exe
Size

7.1MB
MD5

2816be02c87725b16034777af88dac04
SHA1

82e5c05d59369d84f18e54a0844cad3baf4f4d67
SHA256

4e352d51bbfb2142cd238faee8527a4aa44456c482b4877d9e3e5cb3be442fa3
SHA512

ef09ad26959fcb61750841455e0c81f03c5d74c212734b4798b3d567fdddbffde718caf16b7ebeec636c77ee797545c506e0d4a182a27ba791294bc36ef18ce5
SSDEEP

98304:NqpP/Mjze2Cd3p/d9j7VhDicLNOyrcEu0Ei33kwRUGc9iMGHFFuAUNSjbMHR2:kx/QqBLj7VhD/OKc3pi3Uwm5iMIJUH

Score

1^/10

Malware Config

Signatures

Files

ProjectLoader.exe
.exe windows x64

d50bc021b1e16779606a72e0c27eb88c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

glOrtho
glPushMatrix
glDisable
glPushAttrib
glTexEnvi
glColorPointer
glGetTexEnviv
glTexCoordPointer
glGetIntegerv
glDrawElements
glClear
glClearColor
glBindTexture
glGenTextures
glTexParameteri
glTexImage2D
glPixelStorei
glPopMatrix
glEnableClientState
glPopAttrib
glPolygonMode
glVertexPointer
glEnable
glScissor
glDisableClientState
glMatrixMode
glBlendFunc
glLoadIdentity
glDeleteTextures
glViewport

kernel32

FreeLibrary
CreateFileMappingW
MapViewOfFile
GetProcessId
LocalAlloc
LocalFree
CreateRemoteThread
WaitForSingleObject
GetModuleHandleA
GetTickCount64
TerminateProcess
OpenProcess
GetLastError
LoadLibraryA
DeviceIoControl
GetCurrentProcessId
VirtualProtect
GetCurrentProcess
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32NextW
GetCurrentThread
Process32FirstW
GetFullPathNameA
GetFileAttributesW
GetSystemDirectoryW
GetSystemDirectoryA
DeleteFileA
MoveFileExW
CreateThread
ExitProcess
WriteProcessMemory
VirtualProtectEx
ReadProcessMemory
GetCommandLineW
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
K32EnumDeviceDrivers
ReadFile
GetModuleFileNameW
K32GetModuleFileNameExW
K32GetDeviceDriverBaseNameA
Module32FirstW
CreateProcessW
GetModuleHandleW
Module32NextW
VirtualQuery
CreateDirectoryW
FindFirstFileExW
FindNextFileW
WriteFile
SetFilePointer
FindClose
SetThreadExecutionState
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VerSetConditionMask
FormatMessageW
QueryPerformanceCounter
QueryPerformanceFrequency
CloseHandle
LCMapStringW
LoadLibraryExA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
SetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetStringTypeW
GetSystemTimeAsFileTime
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
WaitForSingleObjectEx
SetFilePointerEx
SetEndOfFile
GetFileAttributesExW
FormatMessageA
GetProcAddress
UnmapViewOfFile
GetTimeZoneInformation
CreateFileW
VirtualAlloc
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
VirtualFree
GetSystemDefaultUILanguage
SetEnvironmentVariableA
LoadLibraryW
DeleteFileW
Sleep
HeapFree
HeapAlloc
GetFileType
GetExitCodeProcess
CompareStringW
EnumSystemLocalesW
GetFileSizeEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
HeapReAlloc
IsValidCodePage
RtlUnwind
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
HeapSize
WriteConsoleW
GetStdHandle

user32

EnumDisplayMonitors
GetRawInputDeviceList
GetRawInputDeviceInfoA
MessageBoxA
PostThreadMessageW
SetWindowsHookExW
UnhookWindowsHookEx
FindWindowW
GetWindowThreadProcessId
SetForegroundWindow
GetDesktopWindow
GetCursorPos
ReleaseCapture
SetCapture
SetLayeredWindowAttributes
GetCapture
GetSystemMetrics
ScreenToClient
SetWindowLongPtrW
SetWindowPos
IsWindowVisible
GetWindowRect
CallWindowProcW
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
TrackMouseEvent
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageTime
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
ShowWindow
GetWindowPlacement
SetWindowPlacement
IsIconic
BringWindowToTop
IsZoomed
SetFocus
GetActiveWindow
GetKeyState
MapVirtualKeyW
GetDC
ReleaseDC
RedrawWindow
SetPropW
GetPropW
RemovePropW
GetClientRect
AdjustWindowRectEx
SetCursorPos
SetCursor
ClientToScreen
WindowFromPoint
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
LoadImageW
DestroyIcon
LoadCursorW
SetWindowLongW
GetWindowLongW
PtInRect
SetRect
ClipCursor

gdi32

SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SetDeviceGammaRamp
GetDeviceCaps
DeleteDC
CreateDCW
DeleteObject
CreateRectRgn
SwapBuffers

advapi32

QueryServiceStatusEx
OpenServiceW
RegQueryValueExW
RegCreateKeyA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExW
CloseServiceHandle
OpenSCManagerW
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

DragQueryPoint
DragQueryFileW
CommandLineToArgvW
ShellExecuteW
DragFinish
DragAcceptFiles

oleaut32

VariantClear

ntdll

NtDeviceIoControlFile
NtLoadDriver
NtCreateFile
NtRaiseHardError
RtlFreeHeap
NtQueryDirectoryObject
NtOpenDirectoryObject
NtFlushBuffersFile
RtlAdjustPrivilege
NtDeleteFile
LdrLoadDll
RtlDosPathNameToNtPathName_U
RtlFreeUnicodeString
NtUnloadDriver
RtlAllocateHeap
RtlAnsiStringToUnicodeString
NtOpenFile
NtResumeThread
NtWaitForSingleObject
NtFlushVirtualMemory
NtQueryInformationThread
NtSetInformationProcess
NtUnmapViewOfSection
NtUnlockVirtualMemory
RtlGetVersion
NtLockVirtualMemory
NtSetInformationThread
RtlInitUnicodeString
NtOpenProcess
NtQuerySystemInformationEx
NtQueryInformationProcess
NtSuspendThread
NtQueryVirtualMemory
NtFlushInstructionCache
NtGetContextThread
NtOpenThread
NtQuerySystemInformation
RtlInitAnsiString
LdrGetProcedureAddress
NtClose
NtReadVirtualMemory
NtAllocateVirtualMemory
NtFreeVirtualMemory
NtWriteVirtualMemory
NtProtectVirtualMemory
NtMapViewOfSection
NtSetContextThread
NtWriteFile
RtlInitString

dbghelp

ImageRvaToVa
ImageDirectoryEntryToData

ws2_32

getaddrinfo
WSAStartup
send
socket
connect
recv
freeaddrinfo
WSAGetLastError
accept
bind
WSASetLastError
closesocket
WSACleanup
ioctlsocket
listen
htons

wininet

HttpOpenRequestA
InternetErrorDlg
InternetOpenW
HttpQueryInfoW
HttpSendRequestA
HttpQueryInfoA
DeleteUrlCacheEntryA
InternetConnectA
InternetReadFile
InternetCloseHandle

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 570KB - Virtual size: 570KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.5MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v-lizer
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d50bc021b1e16779606a72e0c27eb88c

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

kernel32

user32

gdi32

advapi32

shell32

oleaut32

ntdll

dbghelp

ws2_32

wininet

imm32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 570KB - Virtual size: 570KB

.data Size: 1.8MB - Virtual size: 1.8MB

.pdata Size: 59KB - Virtual size: 58KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 3.5MB - Virtual size: 12.7MB

.v-lizer Size: 59KB - Virtual size: 59KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 570KB - Virtual size: 570KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.pdata
Size: 59KB - Virtual size: 58KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 3.5MB - Virtual size: 12.7MB

.v-lizer
Size: 59KB - Virtual size: 59KB