SkyrimLauncher[.]exe

Resubmissions

17/02/2024, 20:53

240217-zpd98abc74 3

17/02/2024, 20:43

240217-zh4arsag3z 3

Sharing

Copy URL Twitter E-mail

General

Target

SkyrimLauncher.exe
Size

1.5MB
MD5

c07bd155ae4d7c9dae07d6167e11aceb
SHA1

b44030e75cea2579cf3eac7049fe655c2234b996
SHA256

2d17a262fe69cd5158a2436845533c5e609f98a3883f8d8fdaf02b9f50c23ec5
SHA512

f05ddc3e4ac225337c51fc2484f16d50d536aee7e55614a962aa79b10df785d3f37a11a330f6d50c9ac06533b10a0f732b66ae51940467460b8fe87bac330b98
SSDEEP

24576:CNtx+IMpjI/7JckpIXDyKeZ4mtvPMtl6nUoobYx8U:CNtx+TpUTJPWTyKWtvCcUoobYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SkyrimLauncher.exe

Files

SkyrimLauncher.exe
.exe windows:5 windows x86 arch:x86

60b586921678b31a988f723c438106bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\_Skyrim\Code\TESV\SkyrimPCLauncher\Release Spanish\SkyrimLauncher.pdb

Imports

steam_api

SteamAPI_Init
SteamAPI_RunCallbacks
SteamAPI_Shutdown
SteamRemoteStorage
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult

kernel32

CopyFileW
GetFileAttributesW
WritePrivateProfileStringW
GetPrivateProfileIntW
SetFileAttributesW
CompareFileTime
MultiByteToWideChar
GetFileAttributesExW
CreateMutexW
FindFirstFileW
GetCurrentProcess
CreateDirectoryW
GetCurrentDirectoryW
FindClose
FindNextFileW
GetPrivateProfileStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryPerformanceFrequency
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
DeleteFileW
GetTickCount
IsDebuggerPresent
GetLastError
GetSystemTimeAsFileTime
GetModuleFileNameW
LoadLibraryW
GetModuleHandleW
QueryPerformanceCounter
CloseHandle
FreeLibrary

user32

LoadStringW
SendMessageW
UpdateWindow
LoadImageW
MessageBoxA
EnableWindow
SetTimer
KillTimer
ChildWindowFromPointEx
GetClientRect
InvalidateRect
GetSysColor
UnregisterClassW
SetRect
PeekMessageW
CreateWindowExW
RegisterClassW
GetSystemMetrics
GetMessageW
PostQuitMessage
LoadCursorW
TranslateMessage
RegisterClassExW
LoadIconW
DefWindowProcW
DispatchMessageW
SetWindowPos
SetFocus
wsprintfW
SendDlgItemMessageW
ShowWindow
CreateDialogParamW
MessageBoxW
SetWindowTextA
DestroyWindow
ScreenToClient
GetWindowRect
PostMessageW
EndDialog
SetWindowLongW
GetDlgItem
GetWindowInfo
SetWindowTextW

gdi32

SetTextColor
SetBkColor
SetBkMode
DeleteObject
GetStockObject

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW

shell32

ShellExecuteExW
SHGetFolderPathW
ShellExecuteW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

msvcp90

?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?id@?$ctype@_W@std@@2V0locale@2@A
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$allocator@_W@std@@QAE@XZ
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@0ABV12@@Z
?length@?$char_traits@_W@std@@SAIPB_W@Z
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
??1locale@std@@QAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?close@?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?eof@?$char_traits@_W@std@@SAGXZ
??_D?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??Bios_base@std@@QBEPAXXZ
?good@ios_base@std@@QBE_NXZ
?eof@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?width@ios_base@std@@QAEHH@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
?uncaught_exception@std@@YA_NXZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?close@?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
?getline@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@PA_WH_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??_D?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?endl@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@AAV21@@Z

comctl32

PropertySheetW

msvcr90

_CxxThrowException
sprintf
sprintf_s
calloc
strcpy
_wfopen
strcpy_s
fwrite
strrchr
fclose
vswprintf_s
tolower
_wchdir
wcscmp
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
__CxxFrameHandler3
_purecall
_itow_s
memmove_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
wcslen
_invalid_parameter_noinfo
??3@YAXPAX@Z
??2@YAPAXI@Z
strncmp
qsort_s
strstr
vsprintf_s
fmod
memset
??_V@YAXPAX@Z
strcmp
floor
fabs
sin
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
strlen
swscanf_s
_wtof
_waccess
exit

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

dsound

ord11

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

60b586921678b31a988f723c438106bd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

steam_api

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcp90

comctl32

msvcr90

version

dsound

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB