launc
Static task
static1
General
Target: launc.dll
Size: 242KB
MD5: 5cad25df8c3fe4d342a7b561fc903878
SHA1: b7dcb86e16330f0a5185b94e03b330db13a13721
SHA256: ca3ddbf27e35010bf8622c7ea7fdddef3b8cddbe8b31769da511add4d684a1fc
SHA512: d0cb5f68f4e16ee199b14c9f8554e005f6fbd973538b5fdd45be062478c710b4aa340e0d14db7af60c71a53047ef977f9a56e23601d64d152047f619fb8ed17b
SSDEEP: 6144:NoqE7MX1m7lXVBd6aA7BgzLJ8A65tAuQi:NK7tRd6aA70LJO5tA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource launc.dll
Files
launc.dll.dll windows:6 windows x64 arch:x64
61b600bbe9dc564b84bc868e3bd45e1b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
user32
MessageBoxA
kernel32
IsProcessorFeaturePresent
WriteConsoleW
GetCommandLineA
GetFileAttributesA
GetFileAttributesW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetCurrentThread
CreateProcessA
OpenProcess
GetModuleFileNameA
GetModuleHandleA
LoadLibraryExW
LocalAlloc
LocalFree
lstrcmpA
lstrcpyA
CreateToolhelp32Snapshot
Process32First
Process32Next
K32EnumProcessModules
K32GetModuleFileNameExA
GetEnvironmentVariableA
GetEnvironmentVariableW
GetLastError
SetLastError
WaitForSingleObject
ExitProcess
GetExitCodeProcess
ResumeThread
CreateProcessW
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
IsWow64Process
GetCurrentThreadId
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
DebugBreak
GetFileSize
SetFilePointer
WriteFile
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
CreateFileW
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
Exports
Sections
.text Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ