Winlator_1[.]1[.]apk

Resubmissions

16/08/2023, 04:40

230816-fapymafd45 7

16/08/2023, 04:36

230816-e8q3xafd33 7

Sharing

Copy URL Twitter E-mail

General

Target

Winlator_1.1.apk
Size

56.4MB
MD5

3d686c5ef63e055873c2a5201f24432c
SHA1

5f91c665ce061e5612f0ec169b40844f84880e08
SHA256

44e5440042eea7d0631292ea3a251aba93cfe183658339aae1d9f54fc47df53f
SHA512

92bf06abda3ec894c1053fa981da8ea8ed6fa36843aaa7f505df7a0f51ef7fe8e37c0626b36f64e6bda39471e81017a74bff310cb6eca96243b669b772faa646
SSDEEP

1572864:8j6q53wSj/gHFB73JFB0unV8tTxPtbb/uJl:8j6Cp4lB73JF5+tTttXA

Score

7^/10

Malware Config

Signatures

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/syswow64/d3d8.dll

Files

Winlator_1.1.apk
.apk android arch:arm arch:arm64 arch:x64 arch:x86

com.winlator

com.winlator.MainActivity

Activities

com.winlator.MainActivity

android.intent.action.MAIN

Permissions

android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.MODIFY_AUDIO_SETTINGS
0.png
.png
1.png
.png
10.png
.png
11.png
.png
2.png
.png
3.png
.png
4.png
.png
5.png
.png
6.png
.png
7.png
.png
8.png
.png
9.png
.png
controls-1.icp
controls-2.icp
d8vk-1.0.zip
.zip
syswow64/d3d8.dll
.dll windows x86

51569f60213b783fb39a9bc6874a5b14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AllocateLocallyUniqueId
RegCloseKey
RegNotifyChangeKeyValue
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW

gdi32

CreateBitmap
CreateCompatibleDC
DeleteDC
DeleteObject

kernel32

AcquireSRWLockExclusive
AddVectoredExceptionHandler
CloseHandle
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeviceIoControl
DuplicateHandle
EnterCriticalSection
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableW
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount64
InitializeConditionVariable
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSRWLockExclusive
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
Sleep
SleepConditionVariableSRW
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte

msvcrt

__mb_cur_max
__setusermatherr
_aligned_free
_aligned_malloc
_amsg_exit
_beginthreadex
_endthreadex
_errno
_filelengthi64
_fileno
_fstat64
_initterm
_iob
_lock
_lseeki64
_setjmp3
_ultoa
_unlock
_wcsicmp
_wfopen
abort
atoi
calloc
exit
fclose
fflush
fgetpos
fopen
fprintf
fputc
fputs
fread
free
fsetpos
fwrite
getc
getwc
iswctype
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
printf
putc
putwc
realloc
remove
setlocale
setvbuf
strchr
strcmp
strcoll
strerror
strftime
strlen
strncmp
strncpy
strxfrm
towlower
towupper
ungetc
ungetwc
vfprintf
wcscmp
wcscoll
wcsftime
wcslen
wcsxfrm
longjmp
_write
_strdup
_read
_fileno
_fdopen
_close

user32

AdjustWindowRectEx
CallWindowProcA
CallWindowProcW
ChangeDisplaySettingsExW
CreateIconIndirect
DefWindowProcA
DefWindowProcW
DestroyCursor
DisplayConfigGetDeviceInfo
EnumDisplayDevicesA
EnumDisplayMonitors
EnumDisplaySettingsW
GetClientRect
GetCursorPos
GetDisplayConfigBufferSizes
GetMonitorInfoW
GetWindowLongA
GetWindowLongW
GetWindowRect
IsIconic
IsWindow
IsWindowUnicode
IsWindowVisible
MonitorFromPoint
MoveWindow
OffsetRect
PostMessageW
QueryDisplayConfig
SetCursor
SetCursorPos
SetProcessDPIAware
SetRect
SetWindowLongA
SetWindowLongW
SetWindowPos
ShowWindow

Exports

Exports

Direct3DCreate8

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 388KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 536KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dxcomponents.json
dxvk-1.10.3.zip
.zip
dxvk-2.2.zip
.zip
gpu_names.json
llvmpipe.zip
.zip
system_tools.zip
.zip
turnip.zip
.zip
virgl.zip
.zip
wine_startmenu.json
wined3d-7.8.zip
.zip
xcursors.zip
.zip
zink.zip
.zip

Android Permissions

Winlator_1.1.apk

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.MODIFY_AUDIO_SETTINGS

Resubmissions

Sharing

General

Malware Config

Signatures

Files

com.winlator

com.winlator.MainActivity

Activities

com.winlator.MainActivity

Permissions

51569f60213b783fb39a9bc6874a5b14

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 24KB - Virtual size: 20KB

.rdata Size: 388KB - Virtual size: 387KB

/4 Size: 536KB - Virtual size: 535KB

.bss Size: - Virtual size: 5KB

.edata Size: 4KB - Virtual size: 75B

.idata Size: 8KB - Virtual size: 5KB

.CRT Size: 4KB - Virtual size: 48B

.tls Size: 4KB - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 832B

.reloc Size: 64KB - Virtual size: 62KB

Android Permissions

Winlator_1.1.apk

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 24KB - Virtual size: 20KB

.rdata
Size: 388KB - Virtual size: 387KB

/4
Size: 536KB - Virtual size: 535KB

.bss
Size: - Virtual size: 5KB

.edata
Size: 4KB - Virtual size: 75B

.idata
Size: 8KB - Virtual size: 5KB

.CRT
Size: 4KB - Virtual size: 48B

.tls
Size: 4KB - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 832B

.reloc
Size: 64KB - Virtual size: 62KB