CyberWarLauncher[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

CyberWarLauncher.exe
Size

488KB
MD5

16f0be447deac735a98e431c1f2c7649
SHA1

15606c8bc10a60f534fdf83f2ef8321584a46e8d
SHA256

7cfb0cd88276e2b093eac3a78db26c92d624c945f73181a84faed8c0c4acff8d
SHA512

99264a4d85a55160764644ddecc45c67c30a4530b4ea974c05d9459b3093d5720c9ca6a3e84a543a9668472b010e7645557f4ca871855b605ec8a374743abb9e
SSDEEP

12288:UlC1uu7RwsTSa0pn6PTz3Z5xg334cqPE:UKqsTSlpmTrZ5K1q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CyberWarLauncher.exe

Files

CyberWarLauncher.exe
.exe windows x86

1450db39c6d61e1fb14cd26e8712b071

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileW

windowscodecs

WICConvertBitmapSource

kernel32

EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DecodePointer
CloseHandle
CreateFileW
DeleteFileW
MoveFileW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetFileSizeEx
CreateProcessW
GetCommandLineW
GetModuleFileNameW
GetFileAttributesW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
InitializeCriticalSectionEx
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
WriteFile
GetLastError
RaiseException
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
GetACP
InitializeCriticalSectionAndSpinCount
GetStdHandle
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
RtlUnwind
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
FormatMessageW
EncodePointer
TryEnterCriticalSection
GetCurrentThreadId
QueueUserWorkItem
GetModuleHandleExW
IsProcessorFeaturePresent
SetLastError
SetEndOfFile
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
GetProcAddress
QueryPerformanceCounter
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentProcess
GetCurrentThread
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer

user32

DispatchMessageW
TranslateMessage
PostMessageW
LoadCursorW
LoadIconW
RegisterClassExW
CreateWindowExW
ShowWindow
MonitorFromPoint
GetMessageW
BeginPaint
EndPaint
GetCursorPos
GetWindowRect
MoveWindow
DefWindowProcW
GetDC
ReleaseDC
UpdateLayeredWindow
SetTimer
RegisterWindowMessageW
PostQuitMessage
GetMonitorInfoW

gdi32

GetObjectW
SelectObject
DeleteObject
CreateCompatibleDC
DeleteDC
CreateDIBSection

shell32

ord165

ole32

CoCreateInstance
CoInitialize

gdiplus

GdipDeleteBrush
GdiplusShutdown
GdiplusStartup
GdipCreateSolidFill
GdipSetSolidFillColor
GdipDisposeImage
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipSetCompositingMode
GdipSetCompositingQuality
GdipGraphicsClear
GdipDrawString
GdipDrawImageRect
GdipDrawImageI
GdipDrawImageRectI
GdipDrawImageRectRectI
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap

Sections

.text
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1450db39c6d61e1fb14cd26e8712b071

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

windowscodecs

kernel32

user32

gdi32

shell32

ole32

gdiplus

Sections

.text Size: 280KB - Virtual size: 280KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 11KB - Virtual size: 16KB

.rsrc Size: 92KB - Virtual size: 91KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: 280KB - Virtual size: 280KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 11KB - Virtual size: 16KB

.rsrc
Size: 92KB - Virtual size: 91KB

.reloc
Size: 19KB - Virtual size: 18KB