PackagedCWALauncher[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

PackagedCWALauncher.exe
Size

37KB
MD5

f3915b25452b32672d179ba390c2e368
SHA1

8a2b89a2aa782d159ba38aefecd1260748ca7b6f
SHA256

12220829f22d04e618f58bebcf30ba43d7c47d9c69eac4ffc070db10ce160d8d
SHA512

51575d39620a437f83d491f0332ca4bfb385f10febb64756e3998257b7f356c05bf55a0cca8f1bc391e40159e63533cb0ef7a2a1324310b8d88e9cf6779075a3
SSDEEP

768:/V1p9C8rndLjQw2p0l+k7p15iaal3r49H2lxlpSn95BOSEGny:91p9COQw2p0l+iyaaiHXn/oSEGy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PackagedCWALauncher.exe

Files

PackagedCWALauncher.exe
.exe windows:10 windows x86 arch:x86

bcf0ffc4a43f903dc0f1101b5a5ee977

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

PackagedCWALauncher.pdb

Imports

msvcrt

_controlfp
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
_unlock
_lock
_initterm
__setusermatherr
__p__fmode
_cexit
_exit
_CxxThrowException
exit
__set_app_type
__wgetmainargs
_amsg_exit
__p__commode
_XcptFilter
_vsnprintf_s
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
memcpy_s
_vsnwprintf
_except_handler4_common
__CxxFrameHandler3
memset

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventSetInformation
EventUnregister
EventRegister
EventActivityIdControl

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleFileNameA
GetModuleHandleExW
GetProcAddress

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
Sleep

api-ms-win-core-synch-l1-1-0

CreateMutexExW
CreateSemaphoreExW
ReleaseSemaphore
OpenSemaphoreW
WaitForSingleObjectEx
AcquireSRWLockExclusive
WaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetLastError
GetLastError
SetUnhandledExceptionFilter

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW

api-ms-win-core-com-l1-1-0

CoCreateInstance
CoUninitialize

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
GetCurrentProcess

api-ms-win-core-shlwapi-legacy-l1-1-0

PathGetArgsW

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

ext-ms-win-com-sta-l1-1-0

CoInitialize

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcf0ffc4a43f903dc0f1101b5a5ee977

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-shlwapi-legacy-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

ext-ms-win-com-sta-l1-1-0

Sections

.text Size: 29KB - Virtual size: 29KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 29KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB