Launcher[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

Launcher.rar
Size

108.0MB
MD5

ed2dd72c3161963de4efa24ad33bb48e
SHA1

6e1407c99d43e4ad54cee169d5ebcd93315e87e8
SHA256

e945f05aecf9fba7761ed10d942198593df6f2f68ae3ff99df0c4070db7fa956
SHA512

793706466d2ac838c4745b0c1ecbe6f080f1d3d8670e14da225fceef91293330d51ce5424ca4a98db1271b8f2a3356cffdd788a51ced5bd0d49fdcf37e6a6f7b
SSDEEP

3145728:akqcd5hGt9nFkdBSk5z9a9oUvvl18c5Nsl8L:XTUnn2SuOok18wslw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Launcher/Launcher.exe

Files

Launcher.rar
.rar
Launcher/Death Relives_Data/Resources/unity default resources
Launcher/Death Relives_Data/Resources/unity_builtin_extra
Launcher/Death Relives_Data/RuntimeInitializeOnLoads.json
Launcher/Death Relives_Data/ScriptingAssemblies.json
Launcher/Death Relives_Data/StreamingAssets/UnityServicesProjectConfiguration.json
Launcher/Death Relives_Data/app.info
Launcher/Death Relives_Data/boot.config
Launcher/Death Relives_Data/globalgamemanagers
Launcher/Death Relives_Data/globalgamemanagers.assets
Launcher/Death Relives_Data/globalgamemanagers.assets.resS
Launcher/Death Relives_Data/level0
Launcher/Death Relives_Data/level0.resS
Launcher/Death Relives_Data/resources.assets
Launcher/Death Relives_Data/resources.assets.resS
Launcher/Death Relives_Data/sharedassets0.assets
Launcher/Launcher.exe
.exe windows:4 windows x86 arch:x86

b34f154ec913d2d2c435cbd644e91687

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
SetCurrentDirectoryW
GetFileAttributesW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
ExitProcess
GetShortPathNameW
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
CreateFileW
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
lstrcmpiW
MoveFileW
GetFullPathNameW
SetFileTime
SearchPathW
CompareFileTime
lstrcmpW
CloseHandle
ExpandEnvironmentStringsW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
lstrlenA
MulDiv
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW

user32

GetSystemMenu
SetClassLongW
EnableMenuItem
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
GetWindowRect
GetDlgItem
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
GetDC
SetTimer
SetWindowTextW
LoadImageW
SetForegroundWindow
ShowWindow
IsWindow
SetWindowLongW
FindWindowExW
TrackPopupMenu
AppendMenuW
CreatePopupMenu
EndPaint
CreateDialogParamW
SendMessageTimeoutW
wsprintfW
PostQuitMessage

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 576KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Launcher/UnityPlayer.dll
.dll windows:6 windows x64 arch:x64

321d9c9a4d2018622f1a6dad0b44e04e

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:cb:34:fd:3d:ff:12:11:33:9f:f0:7c:4b:21:57:c7
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

30/08/2022, 00:00

Not After

29/08/2023, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

14/07/2021, 00:00

Not After

18/07/2024, 23:59

Subject

CN=Unity Technologies ApS,OU=Developer Services,O=Unity Technologies ApS,L=København,C=DK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8d:6c:7f:05:82:78:0a:f1:17:0c:1e:36:dd:8b:eb:63:5e:70:22:eb
Signer

Actual PE Digest

8d:6c:7f:05:82:78:0a:f1:17:0c:1e:36:dd:8b:eb:63:5e:70:22:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileW
GetFileAttributesW
GetTempFileNameW
GlobalAlloc
GlobalUnlock
GlobalLock
GetSystemTime
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
ReadFile
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SuspendThread
ResumeThread
LocalFree
CopyFileW
MoveFileExW
ReplaceFileW
SystemTimeToFileTime
Thread32First
Thread32Next
CreateMutexA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetEnvironmentVariableA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetFileAttributesA
DebugBreak
SetUnhandledExceptionFilter
GetErrorMode
GetThreadContext
ReadProcessMemory
GetModuleFileNameA
LocalAlloc
GetOverlappedResult
CancelIo
ResetEvent
FormatMessageA
GetWindowsDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateIoCompletionPort
GetQueuedCompletionStatus
DeleteCriticalSection
AttachConsole
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
ReleaseSemaphore
GetLocalTime
GetTimeZoneInformation
GetFileSizeEx
IsDebuggerPresent
CreateSemaphoreExW
TlsAlloc
TlsFree
GetNativeSystemInfo
VirtualQuery
GetFileSize
GetStdHandle
GetEnvironmentVariableW
VerSetConditionMask
SetThreadAffinityMask
SetConsoleCtrlHandler
GetStartupInfoA
TerminateProcess
GetCurrentProcess
WaitForSingleObject
SetLastError
SetErrorMode
GetModuleHandleW
SetThreadPriority
GetCurrentThreadId
CreateThread
SwitchToThread
GetModuleHandleA
CreateToolhelp32Snapshot
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
GetTimeFormatW
GetDateFormatW
GetProcessHeap
HeapAlloc
HeapFree
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
GetConsoleCP
ExitProcess
HeapQueryInformation
HeapSize
HeapReAlloc
RtlUnwind
RtlPcToFileHeader
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
DuplicateHandle
GetVersionExW
FreeLibraryAndExitThread
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
DecodePointer
EncodePointer
GetTickCount
GetSystemDirectoryW
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SetConsoleMode
ReadConsoleW
ReadConsoleA
GetConsoleMode
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
DeleteFiber
SwitchToFiber
GetFileType
GetModuleHandleExW
CreateWaitableTimerA
OpenEventA
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ExitThread
LoadLibraryExW
GetThreadTimes
OpenThread
GetCurrentThread
RaiseException
CreateWaitableTimerExW
SetWaitableTimer
SleepEx
GetSystemPowerStatus
GetComputerNameW
GetModuleFileNameW
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
InitializeProcThreadAttributeList
GetProcessId
CreateProcessW
GetExitCodeProcess
WaitForMultipleObjects
CreateEventW
CreatePipe
OutputDebugStringA
GetTempPathW
K32GetProcessMemoryInfo
WriteConsoleW
CreateEventExW
WaitForMultipleObjectsEx
TlsGetValue
GetUserDefaultLocaleName
WriteFile
FlushFileBuffers
CreateFileA
GetCommandLineW
GetLogicalProcessorInformationEx
GetSystemDirectoryA
GetThreadPriority
GlobalMemoryStatusEx
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameW
VerifyVersionInfoW
CloseHandle
Sleep
CreateEventA
WaitForSingleObjectEx
SetEvent
FormatMessageW
SetHandleInformation
SetDllDirectoryW
LoadLibraryW
GetLastError
WideCharToMultiByte
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcessId
MultiByteToWideChar
VirtualFree
VirtualProtect
VirtualAlloc
GetSystemInfo
TlsSetValue

user32

GetDoubleClickTime
KillTimer
SetTimer
PeekMessageA
MsgWaitForMultipleObjects
GetCaretBlinkTime
MessageBoxA
GetMessageA
SendMessageW
DefWindowProcW
PostQuitMessage
RegisterClassW
UnregisterClassW
GetUserObjectInformationW
GetProcessWindowStation
CreateWindowExW
SetDlgItemTextA
SetDlgItemTextW
SendDlgItemMessageW
CopyRect
OffsetRect
DestroyWindow
ShowWindow
MoveWindow
SetWindowPos
LoadIconA
MessageBoxW
EnumDisplaySettingsW
LoadIconW
SetWindowLongA
AdjustWindowRectEx
GetWindowPlacement
GetDC
EnumDisplaySettingsA
GetRawInputDeviceList
RegisterRawInputDevices
GetRawInputBuffer
GetRawInputDeviceInfoW
GetRawInputData
SystemParametersInfoW
GetWindowLongA
PtInRect
ScreenToClient
GetCursorPos
GetSystemMetrics
ReleaseCapture
IsWindowVisible
IsIconic
SetFocus
GetActiveWindow
GetFocus
DragDetect
ValidateRect
SetWindowTextW
GetClientRect
GetWindowRect
ShowCursor
SetCursorPos
ClientToScreen
ClipCursor
GetWindowLongPtrW
SetWindowLongPtrA
SetWindowLongPtrW
GetParent
EnumDisplayDevicesA
MonitorFromRect
MonitorFromWindow
GetMonitorInfoA
GetMonitorInfoW
EnumDisplayMonitors
UpdateWindow
GetDisplayConfigBufferSizes
QueryDisplayConfig
DisplayConfigGetDeviceInfo
GetDesktopWindow
ReleaseDC
AllowSetForegroundWindow
TrackMouseEvent
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
SetCursor
LoadCursorA
DestroyCursor
DestroyIcon
LoadImageW
GetThreadDesktop
GetUserObjectInformationA
RegisterWindowMessageA
SendMessageTimeoutA
SetForegroundWindow
EnumWindows
RegisterClassExW
DialogBoxParamW
SetCapture
MapVirtualKeyExA
MapVirtualKeyW
MapVirtualKeyA
ToUnicode
GetKeyNameTextW
GetAsyncKeyState
GetKeyState
UnregisterDeviceNotification
RegisterDeviceNotificationW
GetMessageExtraInfo
DispatchMessageA
TranslateMessage
GetKeyboardLayout
GetKeyboardLayoutNameW
EndDialog

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ole32

CoSetProxyBlanket
CoUninitialize
CoInitialize
CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateFreeThreadedMarshaler
PropVariantCopy
CoCreateInstance
PropVariantClear

shlwapi

SHDeleteKeyW
PathCanonicalizeW

setupapi

SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInfo

advapi32

GetUserNameA
GetTokenInformation
GetSidSubAuthority
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegDeleteValueA
RegCreateKeyW
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptSignHashW
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
ReportEventW
DeregisterEventSource
RegisterEventSourceW
CryptEnumProvidersW

gdi32

GetDeviceCaps
SetPixelFormat
SwapBuffers
ChoosePixelFormat

shell32

SHFileOperationW
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteW

opengl32

wglCreateContext
wglMakeCurrent
wglGetCurrentDC
wglDeleteContext
wglGetProcAddress
wglGetCurrentContext

winmm

waveInStart
waveOutGetDevCapsW
waveOutGetDevCapsA
waveOutGetNumDevs
timeGetTime
waveOutPrepareHeader
waveOutUnprepareHeader
timeBeginPeriod
waveInReset
waveOutWrite
waveOutReset
waveOutGetPosition
waveInGetNumDevs
waveInGetDevCapsA
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
timeEndPeriod
waveOutClose
waveInUnprepareHeader
waveInAddBuffer
waveOutOpen

oleaut32

VariantChangeType
SysAllocString
VariantClear
VariantInit
SysFreeString

imm32

ImmSetCompositionStringW
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetConversionStatus
ImmNotifyIME
ImmGetContext

winhttp

WinHttpGetIEProxyConfigForCurrentUser

bcrypt

BCryptGenRandom

hid

HidP_SetUsageValue
HidP_SetUsages
HidP_GetData
HidP_MaxDataListLength
HidP_GetValueCaps
HidP_GetButtonCaps
HidP_GetCaps
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetProductString
HidD_GetManufacturerString
HidD_GetSerialNumberString
HidD_GetAttributes

crypt32

CertAddEncodedCertificateToStore
CertFreeCertificateContext
CertCloseStore
CertOpenStore
CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty

ws2_32

WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
gethostname
socket
shutdown
setsockopt
sendto
send
select
WSASocketA
recv
ntohs
listen
inet_addr
htons
htonl
getsockname
ioctlsocket
WSASetEvent
closesocket
bind
accept
__WSAFDIsSet
getaddrinfo
freeaddrinfo
getnameinfo
ntohl
getpeername
gethostbyname
getprotobyname
WSARecvFrom
getsockopt
WSACloseEvent
WSACreateEvent
WSASocketW
WSAWaitForMultipleEvents
WSAIoctl
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
gethostbyaddr
WSASendDisconnect
WSAAsyncGetHostByName
WSACancelAsyncRequest
recvfrom
connect

dwmapi

DwmGetWindowAttribute

Exports

Exports

UnityMain

Sections

.text
Size: 22.4MB - Virtual size: 22.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 405KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b34f154ec913d2d2c435cbd644e91687

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 451KB

.ndata Size: - Virtual size: 576KB

.rsrc Size: 28KB - Virtual size: 27KB

321d9c9a4d2018622f1a6dad0b44e04e

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

03:cb:34:fd:3d:ff:12:11:33:9f:f0:7c:4b:21:57:c7Certificate

Extended Key Usages

Key Usages

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52Certificate

Extended Key Usages

Key Usages

8d:6c:7f:05:82:78:0a:f1:17:0c:1e:36:dd:8b:eb:63:5e:70:22:ebSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

version

ole32

shlwapi

setupapi

advapi32

gdi32

shell32

opengl32

winmm

oleaut32

imm32

winhttp

bcrypt

hid

crypt32

ws2_32

dwmapi

Exports

Exports

Sections

.text Size: 22.4MB - Virtual size: 22.4MB

.rdata Size: 3.7MB - Virtual size: 3.7MB

.data Size: 405KB - Virtual size: 1.3MB

.pdata Size: 1.1MB - Virtual size: 1.1MB

.rodata Size: 3KB - Virtual size: 2KB

_RDATA Size: 68KB - Virtual size: 67KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 128KB - Virtual size: 128KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 451KB

.ndata
Size: - Virtual size: 576KB

.rsrc
Size: 28KB - Virtual size: 27KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

03:cb:34:fd:3d:ff:12:11:33:9f:f0:7c:4b:21:57:c7
Certificate

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

8d:6c:7f:05:82:78:0a:f1:17:0c:1e:36:dd:8b:eb:63:5e:70:22:eb
Signer

.text
Size: 22.4MB - Virtual size: 22.4MB

.rdata
Size: 3.7MB - Virtual size: 3.7MB

.data
Size: 405KB - Virtual size: 1.3MB

.pdata
Size: 1.1MB - Virtual size: 1.1MB

.rodata
Size: 3KB - Virtual size: 2KB

_RDATA
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 128KB - Virtual size: 128KB