b532058ae2ac713c7fc622f12c39261ebc18372810b7845e99a77d5924332466

Sharing

Copy URL

Twitter E-mail

General

Target

b532058ae2ac713c7fc622f12c39261ebc18372810b7845e99a77d5924332466
Size

1.2MB
MD5

1caef22befd0dfb18880ecbdc97b315e
SHA1

731123840a4722d5cc2d72d343c3044200effeb9
SHA256

b532058ae2ac713c7fc622f12c39261ebc18372810b7845e99a77d5924332466
SHA512

54e2d6b305360f69448cf1b69c3b39398e5eaa8830cd2f2a21d1b41f3012d4d308bb515bda7e597e54d70eb0ac9a3c959e197a6645dbfc1e7eaac2c94bcb30cb
SSDEEP

24576:pxSbY87w7/DHItKjyhiJ0ulT0TKvXrauuK7jc4PUJys0rw+:pUE87UHkSyhiJrlTXvRuKIJysKw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b532058ae2ac713c7fc622f12c39261ebc18372810b7845e99a77d5924332466

Files

b532058ae2ac713c7fc622f12c39261ebc18372810b7845e99a77d5924332466
.exe windows:5 windows x86 arch:x86

5e5cd42dcca5597ed4bf9fbcfee7b037

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\buildbot\slave\workdir\repos\LAR6\fallback\chromium\src\out\Release\launcher.exe.pdb

Imports

secur32

GetUserNameExW

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

shlwapi

SHDeleteKeyW

advapi32

RegGetKeySecurity
BuildTrusteeWithSidW
AdjustTokenPrivileges
CheckTokenMembership
BuildExplicitAccessWithNameW
FreeSid
SetEntriesInAclW
AllocateAndInitializeSid
GetNamedSecurityInfoW
LookupPrivilegeValueW
SetNamedSecurityInfoW
CreateProcessAsUserW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
OpenProcessToken
GetUserNameW
GetExplicitEntriesFromAclW
AccessCheck
DuplicateToken

kernel32

GetTimeZoneInformation
WriteConsoleW
ReadConsoleW
OutputDebugStringW
GetDriveTypeW
SetEnvironmentVariableA
GetUserDefaultUILanguage
LoadLibraryExA
FreeLibrary
FreeEnvironmentStringsW
CreateFileW
ReadFile
CloseHandle
IsProcessorFeaturePresent
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
CreateFileA
WriteFile
QueryPerformanceCounter
QueryPerformanceFrequency
DeleteFileW
OutputDebugStringA
GetLastError
SetLastError
GetCurrentProcessId
GetTickCount
FormatMessageA
GetCommandLineW
LocalFree
GetCurrentDirectoryW
CreateDirectoryW
GetFileAttributesW
GetFileAttributesExW
GetLongPathNameW
GetTempFileNameW
RemoveDirectoryW
SetFileAttributesW
GetTempPathW
GetCurrentProcess
CopyFileW
MoveFileW
MoveFileExW
ReplaceFileW
DuplicateHandle
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
GetStdHandle
SetHandleInformation
CreatePipe
ResumeThread
CreateProcessW
AssignProcessToJobObject
IsDebuggerPresent
RaiseException
Sleep
CreateThread
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetHandleInformation
GetModuleHandleW
GetProcAddress
FlushFileBuffers
SetEndOfFile
SetFilePointerEx
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemDirectoryW
GetStringTypeW
GetVersionExW
GetNativeSystemInfo
GetModuleHandleExW
HeapSetInformation
GetModuleHandleExA
SetEvent
CreateEventW
LoadLibraryW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetModuleHandleA
LoadResource
LockResource
SizeofResource
FindResourceW
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
HeapSize
DecodePointer
FindResourceExW
lstrlenA
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
RtlUnwind
GetFileType
SetStdHandle
GetFullPathNameW
GetConsoleMode
GetConsoleCP
ExitProcess
EncodePointer
GetWindowsDirectoryW

ole32

CoUninitialize
CoInitializeEx
CoTaskMemFree
CoAllowSetForegroundWindow
CoCreateInstance

oleaut32

SysAllocStringByteLen
SafeArrayGetVartype
VariantChangeType
SysFreeString
SysStringByteLen
SafeArrayPutElement
VariantInit
SysAllocString
VariantClear
VariantTimeToSystemTime
SafeArrayCreate

user32

MessageBoxW
WaitForInputIdle
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
WaitMessage
DefWindowProcW
PostQuitMessage
DestroyWindow
CallMsgFilterW
UnregisterClassW
RegisterClassExW
CreateWindowExW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

Exports

Exports

GetHandleVerifier
Launch

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 580KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e5cd42dcca5597ed4bf9fbcfee7b037

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

secur32

winmm

shlwapi

advapi32

kernel32

ole32

oleaut32

user32

userenv

Exports

Exports

Sections

.text Size: 448KB - Virtual size: 447KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 7KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 140KB - Virtual size: 140KB

.reloc Size: 580KB - Virtual size: 584KB

.text
Size: 448KB - Virtual size: 447KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 7KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 140KB - Virtual size: 140KB

.reloc
Size: 580KB - Virtual size: 584KB