Static task
static1
General
Target: launch_alice.exe
Size: 6.1MB
MD5: b6203efa9cf641c31bbd78d7722bde69
SHA1: b8ab27da926caff60e8e610c34d8cff00ec906cb
SHA256: c99db59b83181b716270774e2c4140d9b1d7eaf36ec9ecc643dc0662b45b44ce
SHA512: 1d468b846fee1a6aab3c6fcefa8e2c77897bd81923ad44aea46bccaeb22b25e33147126b763d8129d94d231f6bd86dc8ed1357990a789ac5c8e5cddc449b015d
SSDEEP: 49152:+iggbiPHjuouOQep5E9jY7XAwt/1zqu9MnFDinVKgAtg3yZ6qeEOB0yfYSdouadX:RiPHjuoYFDG8FvnfA3YMneJZD1HZ/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource launch_alice.exe
Files
launch_alice.exe.exe windows:6 windows x64 arch:x64
a55b87833435e763c53904a83fcc95d9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
opengl32
glGetIntegerv
glGetString
wglGetProcAddress
wglGetCurrentDC
glDrawArrays
wglDeleteContext
wglMakeCurrent
wglCreateContext
glDeleteTextures
glTexImage2D
glTexSubImage2D
glTexParameteri
glBindTexture
glGenTextures
glDepthRange
glViewport
glBlendFunc
glEnable
glClear
glClearColor
kernel32
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
GetCurrentThread
EncodePointer
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
LoadLibraryW
LoadLibraryExW
SetLastError
GetLastError
DeleteCriticalSection
SleepConditionVariableSRW
WakeAllConditionVariable
GetStringTypeW
SetStdHandle
HeapSize
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
VirtualAlloc
GetSystemInfo
VirtualFree
UnmapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
MapViewOfFile
GetFileSizeEx
GetModuleFileNameW
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
WriteFile
SetEndOfFile
CreateDirectoryW
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleW
IsProcessorFeaturePresent
CreateProcessW
GlobalLock
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CreateThread
GetProcAddress
GetCurrentProcess
InitializeCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
ReadFile
HeapFree
CreateFileA
HeapReAlloc
HeapAlloc
CreateFileMappingA
GetProcessHeap
TryAcquireSRWLockExclusive
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
GetStdHandle
ExitProcess
GetModuleHandleExW
ExitThread
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
RtlUnwind
RtlUnwindEx
RaiseException
RtlPcToFileHeader
TerminateProcess
GetCurrentProcessId
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VerifyVersionInfoW
GetProcessAffinityMask
VerSetConditionMask
ReleaseSemaphore
DuplicateHandle
SetThreadGroupAffinity
GetThreadGroupAffinity
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
InitializeSListHead
SetEvent
GlobalUnlock
SignalObjectAndWait
AcquireSRWLockExclusive
GetCurrentProcessorNumberEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadPriority
LoadLibraryA
WriteConsoleW
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObjectEx
Sleep
SwitchToThread
GetCurrentThreadId
GetExitCodeThread
InitializeCriticalSectionEx
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetSystemTimeAsFileTime
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
ReleaseSRWLockExclusive
SetThreadPriority
user32
GetKeyState
MessageBoxA
MessageBoxW
GetWindowRect
GetMessageW
SetProcessDpiAwarenessContext
SetUserObjectInformationA
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
InvalidateRect
DispatchMessageW
TranslateMessage
UpdateWindow
CreateWindowExW
RegisterClassExW
GetSystemMetrics
LoadImageW
LoadCursorW
EndPaint
BeginPaint
PostQuitMessage
DefWindowProcW
GetDC
PostMessageW
ShowWindow
SetWindowPos
GetDpiForWindow
GetMonitorInfoW
MonitorFromWindow
gdi32
ChoosePixelFormat
SwapBuffers
SetPixelFormat
shell32
SHGetKnownFolderPath
ShellExecuteW
ole32
CoTaskMemFree
CoUninitialize
CoInitializeEx
advapi32
GetUserNameA
Sections
.text Size: 5.3MB - Virtual size: 5.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 620KB - Virtual size: 619KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 153KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ