SyntaxPlayerLauncher[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SyntaxPlayerLauncher.exe
Size

1.0MB
MD5

625f11f08e693fc3428cb9be8b3a7b92
SHA1

45f95d0bdf76888d2178d85dc7acd3ff746bb379
SHA256

d01bb78552307c5294cda1491b6c19586bc63074b3798ca323e8753e7e7b6eab
SHA512

542494d122db6ac297d8e33d1cb986ce4e34c3e3a88a139600860e02188e5b03a927fc55ce2ed3230fd03a48eb394cd02f84b33a97081f2a93a56a8bf07d470f
SSDEEP

12288:h7fdHkVNwDJfxSXzcd8HZ/Em+2qWTBhgWnmO0gw2kfin9:h7F8eSXzFEUTkWmOxw2h9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SyntaxPlayerLauncher.exe

Files

SyntaxPlayerLauncher.exe
.exe windows x86

fb425c870939dd0510355a2dee83ad49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
CreateEventA
GetModuleHandleW
GetProcAddress
ResetEvent
CloseHandle
DeleteFileW
SetEvent
CreateEventW
ReleaseMutex
GetVersionExW
OpenEventW
WaitForSingleObject
CreateMutexW
GetTempPathW
GetModuleFileNameW
GetSystemTime
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
SetEndOfFile
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetACP
GetStdHandle
ExitProcess
ReadFile
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
RtlUnwind
CreateWaitableTimerA
GetModuleHandleA
GetLastError
MultiByteToWideChar
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
SizeofResource
InterlockedExchange
SetWaitableTimer
TlsSetValue
SetLastError
EnterCriticalSection
InterlockedCompareExchange
InterlockedDecrement
WaitForMultipleObjects
LeaveCriticalSection
GetQueuedCompletionStatus
PostQueuedCompletionStatus
Sleep
FormatMessageW
TerminateThread
TlsAlloc
LockResource
InterlockedExchangeAdd
FindResourceExW
LoadResource
FindResourceW
QueueUserAPC
LocalFree
VerSetConditionMask
SleepEx
VerifyVersionInfoW
TlsGetValue
InterlockedIncrement
TlsFree
FormatMessageA
CreateIoCompletionPort
FindFirstFileW
FindNextFileW
FindClose
GetSystemTimeAsFileTime
CreateSemaphoreA
GetCurrentProcess
DuplicateHandle
ReleaseSemaphore
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObjectEx
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
FreeLibrary
CreateProcessW
TerminateProcess
GetTickCount
GetUserGeoID
GetGeoInfoW
CompareFileTime
lstrlenW
GetLocalTime
K32EnumProcesses
OpenProcess
K32GetProcessImageFileNameW
CreateDirectoryW
GetDiskFreeSpaceExW
SetFileAttributesW
RemoveDirectoryW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetShortPathNameW
GetFileSizeEx
CreateFileW
GetFileAttributesExW
GetFileAttributesW
MulDiv
GetExitCodeProcess
WriteFile
SetFileTime
LocalFileTimeToFileTime
lstrcatW
lstrcpyW
DosDateTimeToFileTime
GetFileTime
IsDebuggerPresent
OutputDebugStringW
EncodePointer
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
WaitForMultipleObjectsEx
OpenEventA
ResumeThread

user32

CallWindowProcW
GetWindowRect
CreateWindowExW
SendMessageW
ShowWindow
LoadBitmapW
SetWindowLongW
GetParent
InvalidateRect
CharUpperW
AllowSetForegroundWindow
MessageBoxA
CharNextW
SetWindowTextW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SetFocus
MessageBoxW
PostThreadMessageW
GetWindowThreadProcessId
EnumWindows
EnableWindow
EndPaint
BeginPaint
ReleaseDC
PostQuitMessage
KillTimer
GetDlgItem
LoadIconW
RegisterClassW
SetTimer
GetSystemMetrics
FillRect
GetDC
DestroyWindow
GetWindowTextW
SetForegroundWindow
IsWindowVisible
PostMessageW
GetWindowLongW
SetWindowPos
DefWindowProcW

gdi32

SelectObject
CreateFontW
GetStockObject
SetTextColor
SetBkMode
CreatePen
Rectangle
DeleteObject
GetDeviceCaps
CreateSolidBrush

advapi32

OpenProcessToken
GetSidSubAuthority
CheckTokenMembership
DuplicateToken
RegDeleteKeyW
RegEnumKeyExW
RegFlushKey
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
RegDeleteValueW
IsValidSid
GetLengthSid
CopySid
CryptCreateHash
OpenThreadToken
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
GetUserNameW
RegQueryValueExW
CryptAcquireContextW
GetTokenInformation
GetSidLengthRequired
InitializeSid

shell32

SHGetFolderPathAndSubDirW
ShellExecuteW
ShellExecuteExW

ole32

CoInitialize
CoCreateGuid
CoCreateInstance
CoUninitialize
StringFromGUID2

oleaut32

VariantInit
SysFreeString
RegisterTypeLi
SysAllocString
VariantClear

shlwapi

SHDeleteKeyW
StrCmpW
StrCpyW
StrRChrW
PathAddBackslashW
StrCmpNW
PathFileExistsW
StrDupW
StrStrW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

WSASend
setsockopt
select
ioctlsocket
WSASetLastError
WSASocketW
getaddrinfo
WSAStartup
connect
WSARecv
getsockopt
freeaddrinfo
WSAGetLastError
closesocket
WSACleanup

wininet

InternetOpenW
HttpQueryInfoW
InternetReadFile
HttpEndRequestW
HttpSendRequestExW
InternetQueryDataAvailable
HttpAddRequestHeadersW
InternetSetOptionW
InternetConnectW
InternetCloseHandle
HttpSendRequestW
HttpOpenRequestW
InternetWriteFile

sensapi

IsNetworkAlive

userenv

UnloadUserProfile

comctl32

_TrackMouseEvent
InitCommonControlsEx

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 423KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb425c870939dd0510355a2dee83ad49

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

version

ws2_32

wininet

sensapi

userenv

comctl32

iphlpapi

Sections

.text Size: 423KB - Virtual size: 422KB

.rdata Size: 169KB - Virtual size: 169KB

.data Size: 13KB - Virtual size: 17KB

.gfids Size: 1024B - Virtual size: 752B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 403KB - Virtual size: 402KB

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 423KB - Virtual size: 422KB

.rdata
Size: 169KB - Virtual size: 169KB

.data
Size: 13KB - Virtual size: 17KB

.gfids
Size: 1024B - Virtual size: 752B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 403KB - Virtual size: 402KB

.reloc
Size: 28KB - Virtual size: 28KB