privateloader | visualboyadvance-m[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

visualboyadvance-m.exe
Size

36.1MB
MD5

5bfda85295c84c8d2d1307e9d78d46e7
SHA1

8c7f6970fab4fc0251367c3da4c0d3dbcf32a14d
SHA256

d515cc51f692170a0012e4f23fa67c86664f01095ea4f2c405eef4e062dbd0a8
SHA512

03192f135afe061d71d20a277527d53e1660950ab707c3c86a8504ed7978bbbec51f03f7c2762d6ae075ef81f3291b0565412e38c063c90023a2d26fd0281bc0
SSDEEP

393216:cV8DMvDIz9k05dLf1PHzNWu7DISmsi+LqabEmClD+dGl+7v/qE67y2fnPeZvQAfg:08DrdMsT8Yv/1cPeZvfg

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
visualboyadvance-m.exe

Files

visualboyadvance-m.exe
.exe windows:6 windows x64 arch:x64

c2ed107238ec9810195735890d27248c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_EndDrag
ImageList_Copy
ImageList_DragLeave
ImageList_DragMove
ImageList_SetDragCursorImage
ord16
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
ImageList_Add
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
ImageList_DragEnter
ord17

oleacc

LresultFromObject
CreateStdAccessibleObject

rpcrt4

UuidToStringW
RpcStringFreeW

shlwapi

PathMatchSpecW
AssocQueryStringW
SHAutoComplete

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

wsock32

gethostname
__WSAFDIsSet
accept
bind
closesocket
connect
WSAAsyncSelect
WSACleanup
WSAStartup
inet_ntoa
gethostbyaddr
ntohs
ntohl
inet_addr
ioctlsocket
htons
htonl
WSAGetLastError
socket
shutdown
setsockopt
sendto
send
select
recvfrom
recv
listen
getsockopt
getsockname

opengl32

glEnable
glEnd
glCallList
glViewport
glClear
glVertex3i
glNewList
glBindTexture
glTexCoord2f
wglShareLists
wglMakeCurrent
wglDeleteContext
wglCreateContext
glOrtho
glPixelStorei
glDeleteLists
glDisable
glGenLists
glClearColor
glBegin
glDeleteTextures
glTexParameteri
wglGetProcAddress
glEndList
glLoadIdentity
glMatrixMode
glTexImage2D
glGenTextures

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
CM_Get_Device_IDA
CM_Get_Parent
CM_Locate_DevNodeA

dsound

ord3

ws2_32

getaddrinfo
freeaddrinfo
getnameinfo
getpeername

imm32

ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmGetCandidateListW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetIMEFileNameA
ImmGetContext

secur32

DecryptMessage
EncryptMessage
FreeContextBuffer
QueryContextAttributesA
ApplyControlToken
DeleteSecurityContext
InitializeSecurityContextA
AcquireCredentialsHandleA
FreeCredentialsHandle

bcrypt

BCryptGenRandom
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider

kernel32

GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
LoadLibraryW
GlobalSize
GlobalHandle
SetCurrentDirectoryW
SetErrorMode
OutputDebugStringW
RaiseException
TryEnterCriticalSection
ReleaseSemaphore
ReleaseMutex
CreateMutexW
Sleep
CreateSemaphoreW
GetCurrentProcess
GetCurrentThread
SetThreadPriority
TerminateThread
GetExitCodeThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
GetModuleHandleW
GetProcessAffinityMask
CreateFileW
GetFileAttributesW
GetFileType
CopyFileW
MultiByteToWideChar
WideCharToMultiByte
GetSystemTimeAsFileTime
GetACP
GetLocaleInfoW
GetThreadLocale
LocalFree
FormatMessageW
FindClose
FindFirstFileW
GetFileSize
LoadLibraryA
GetLongPathNameW
GetTempFileNameW
GetTempPathW
QueryPerformanceCounter
QueryPerformanceFrequency
GetEnvironmentVariableW
IsDebuggerPresent
GetCurrentProcessId
TerminateProcess
GlobalMemoryStatusEx
GetVersionExW
GetNativeSystemInfo
GetModuleFileNameW
IsValidCodePage
GetCPInfo
GetCommandLineW
ReadFile
WriteFile
SetHandleInformation
CreatePipe
SetNamedPipeHandleState
PeekNamedPipe
WaitForMultipleObjects
SetConsoleCursorPosition
CreateThread
CreateProcessW
ExpandEnvironmentStringsW
GetDriveTypeW
GetLogicalDriveStringsW
FindNextFileW
RtlCaptureContext
IsBadReadPtr
IsBadStringPtrA
SetThreadLocale
GetUserDefaultUILanguage
CreateFileA
GetFileSizeEx
SetFilePointer
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
CreateMutexA
VirtualFree
OpenSemaphoreA
ResetEvent
CreateSemaphoreA
GetTickCount
SetFilePointerEx
SetThreadExecutionState
CreateDirectoryW
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
GetEnvironmentVariableA
SetEnvironmentVariableA
DeviceIoControl
GetOverlappedResult
CancelIo
LoadLibraryExW
CompareStringA
GetModuleHandleExW
GetSystemPowerStatus
GetLocaleInfoA
EnumSystemLocalesA
CreateEventA
DebugBreak
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitOnceBeginInitialize
InitOnceComplete
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitializeSRWLock
InitializeConditionVariable
LoadLibraryExA
GetFullPathNameW
MoveFileExA
MoveFileExW
CancelIoEx
GetConsoleMode
SetConsoleTextAttribute
GetSystemDirectoryW
GetProcessHeap
GetProcAddress
DeleteCriticalSection
CloseHandle
SetEvent
CreateEventW
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
FindResourceW
GetCommandLineA
GetConsoleScreenBufferInfo
LoadResource
LockResource
SizeofResource
VerifyVersionInfoW
VerSetConditionMask
AttachConsole
GetStdHandle
FindFirstFileExW
HeapQueryInformation
HeapSize
ReadConsoleOutputCharacterA
FillConsoleOutputCharacterW
WriteConsoleW
WriteConsoleA
FreeConsole
GetCurrentThreadId
ExitProcess
SetLastError
GetLastError
GetExitCodeProcess
MulDiv
FreeEnvironmentStringsW
RtlPcToFileHeader
GetStringTypeW
TryAcquireSRWLockExclusive
SwitchToThread
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
IsProcessorFeaturePresent
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
InitializeSListHead
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
RtlUnwindEx
InterlockedPushEntrySList
RtlUnwind
ExitThread
FreeLibraryAndExitThread
RemoveDirectoryW
DeleteFileW
SetStdHandle
GetTimeZoneInformation
GetFileAttributesExW
FlushFileBuffers
ReadConsoleW
GetConsoleOutputCP
SetConsoleCtrlHandler
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
DuplicateHandle
HeapAlloc
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
GetOEMCP
GetEnvironmentStringsW
GetFileTime

user32

GetRawInputDeviceList
RegisterRawInputDevices
GetClipboardSequenceNumber
SetClipboardData
GetClipboardData
GetKeyboardLayout
GetKeyboardState
ToUnicode
EnumDisplayDevicesW
CopyImage
AttachThreadInput
SetActiveWindow
SetPropW
RemovePropW
IntersectRect
CreateIconFromResource
MonitorFromRect
DialogBoxIndirectParamW
SystemParametersInfoA
WaitForInputIdle
DrawFrameControl
DrawEdge
GetClassNameW
SetRect
MessageBeep
GetDoubleClickTime
GetWindowTextLengthW
keybd_event
IsMenu
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
GetCaretBlinkTime
CreateCaret
DestroyCursor
FindWindowExW
LoadImageW
LoadIconW
LoadBitmapW
GetIconInfo
CreateIconIndirect
GetPropW
DestroyIcon
DrawIconEx
DrawFocusRect
DrawTextW
EnumChildWindows
MsgWaitForMultipleObjects
EndDialog
SetWindowRgn
GetMonitorInfoW
MonitorFromWindow
OffsetRect
CopyRect
LoadCursorW
GetProcessDefaultLayout
MessageBoxW
GetDlgItem
CreateDialogParamW
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
IsDialogMessageW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
SetParent
GetParent
GetWindowLongW
PtInRect
InflateRect
FillRect
GetSysColor
GetWindowThreadProcessId
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
EnableScrollBar
ScrollWindow
RedrawWindow
InvalidateRect
GetUpdateRgn
ReleaseDC
GetDC
UpdateWindow
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
CreateWindowExA
EnableWindow
ReleaseCapture
SetCapture
GetCapture
VkKeyScanW
GetKeyState
GetFocus
GetActiveWindow
SetFocus
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
AnimateWindow
IsWindow
CallWindowProcW
PostQuitMessage
GetMessageTime
GetMessagePos
UnregisterHotKey
RegisterHotKey
DispatchMessageW
TranslateMessage
GetWindowRect
PostMessageW
RegisterWindowMessageW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
SetWindowTextW
SetForegroundWindow
EnableMenuItem
GetSystemMenu
DrawMenuBar
GetDialogBaseUnits
CreateDialogIndirectParamW
IsZoomed
BringWindowToTop
IsIconic
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowCursor
AdjustWindowRectEx
RegisterClassExA
UnregisterClassA
RegisterWindowMessageA
GetRawInputData
ClipCursor
GetClipCursor
GetUpdateRect
GetForegroundWindow
GetMenu
GetClassInfoExW
GetMessageExtraInfo
TrackMouseEvent
RegisterClassExW
UnregisterDeviceNotification
RegisterDeviceNotificationW
MessageBoxA
DdeFreeStringHandle
DdeQueryStringW
DdeCreateStringHandleW
DdeGetLastError
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeClientTransaction
NotifyWinEvent
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
wsprintfW
GetClassInfoW
IsClipboardFormatAvailable
EmptyClipboard
CloseClipboard
OpenClipboard
GetClipboardFormatNameW
RegisterClipboardFormatW
EnumDisplayMonitors
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplaySettingsW
ShowWindow
CreateWindowExW
RegisterClassW
DestroyWindow
UnregisterClassW
DefWindowProcW
PeekMessageW
SetMenu
SendMessageW
GetSystemMetrics
MapVirtualKeyW
GetAsyncKeyState
ChangeDisplaySettingsExW
ChildWindowFromPoint
GetComboBoxInfo
GetDesktopWindow
GetRawInputDeviceInfoA
DdeNameService
DdePostAdvise
DdeDisconnect
DdeConnect
DdeUninitialize
DdeInitializeW
UnionRect
EndPaint
BeginPaint
GetWindowDC
ValidateRect
PostThreadMessageW
GetMessageW
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
IsRectEmpty
SetRectEmpty
ValidateRgn
InsertMenuItemW
SetMenuInfo
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
KillTimer
IsWindowEnabled
SetTimer
DestroyMenu
CreatePopupMenu
CreateMenu
CheckMenuRadioItem
GetSysColorBrush
DrawStateW
SetMenuItemInfoW
GetMenuItemID
GetSubMenu
CheckMenuItem
ChildWindowFromPointEx
GetMenuState
GetWindowTextW

gdi32

GetGraphicsMode
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
MaskBlt
Pie
PolyPolygon
Rectangle
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPixel
SetPolyFillMode
StretchBlt
StretchDIBits
SetROP2
SetStretchBltMode
GetWorldTransform
SetWorldTransform
ModifyWorldTransform
GetObjectW
ExtTextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
GetClipBox
OffsetRgn
SetWindowOrgEx
CreateBitmap
CreateBitmapIndirect
GetBkColor
LineTo
MoveToEx
GetTextExtentPoint32W
CreatePen
ExtCreatePen
CombineRgn
EqualRgn
GetRgnBox
PtInRegion
RectInRegion
CreatePalette
GetNearestPaletteIndex
Ellipse
CreateHatchBrush
CreatePatternBrush
CreateRectRgnIndirect
GetCharABCWidthsW
GetTextExtentExPointW
CreateICW
CreateDCW
CreateDIBitmap
GetDIBits
CreateDIBSection
GetDIBColorTable
SetDIBColorTable
SetAbortProc
StartDocW
EndDoc
StartPage
EndPage
SetViewportExtEx
ExtFloodFill
GetSystemPaletteEntries
SetViewportOrgEx
CloseEnhMetaFile
CreateEnhMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
EnumFontFamiliesExW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
GetRegionData
ExtCreateRegion
GetOutlineTextMetricsW
DeleteObject
CreateFontIndirectW
GdiFlush
SetBrushOrgEx
GetTextMetricsW
SelectPalette
SelectObject
RealizePalette
UnrealizeObject
SwapBuffers
GetICMProfileW
GetDeviceGammaRamp
SetDeviceGammaRamp
GetTextExtentPoint32A
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
Arc
SetTextColor
SetBkMode
GetPaletteEntries
GetDeviceCaps
ExcludeClipRect
CreateSolidBrush
SetWindowExtEx
CreateRectRgn

winspool.drv

OpenPrinterW
GetPrinterW
DocumentPropertiesW
ClosePrinter

shell32

SHGetFolderPathW
DragQueryFileW
DragQueryPoint
DragFinish
DragAcceptFiles
ExtractIconW
ExtractIconExW
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
SHBrowseForFolderW
ord6
SHGetSpecialFolderPathW
ShellExecuteW
CommandLineToArgvW

ole32

RegisterDragDrop
CoTaskMemFree
CoInitializeEx
CoUninitialize
OleUninitialize
DoDragDrop
PropVariantClear
OleGetClipboard
OleFlushClipboard
OleInitialize
CLSIDFromString
StringFromGUID2
CoCreateInstance
OleIsCurrentClipboard
CoTaskMemAlloc
CoLockObjectExternal
RevokeDragDrop
OleSetClipboard
ReleaseStgMedium

oleaut32

SysStringLen
SystemTimeToVariantTime
SysAllocString
SafeArrayDestroy
SafeArrayGetVartype
VarBstrFromCy
SafeArrayUnlock
SafeArrayLock
VariantInit
SysFreeString
SafeArrayCreate

comdlg32

PageSetupDlgW
PrintDlgW
ChooseColorW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW

advapi32

GetUserNameW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

uxtheme

IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeParentBackground
SetWindowTheme
GetThemePartSize
GetThemeColor
GetThemeBackgroundContentRect
GetThemeInt
GetThemeMargins
GetThemeSysColor
GetThemeSysFont
IsThemeActive
IsAppThemed
GetThemeFont
IsThemePartDefined
OpenThemeData
GetThemeBackgroundExtent
GetCurrentThemeName
CloseThemeData

msimg32

AlphaBlend
GradientFill

winmm

timeBeginPeriod
waveOutGetNumDevs
waveOutGetDevCapsW
waveInGetNumDevs
waveInGetDevCapsW
timeEndPeriod
waveOutUnprepareHeader
waveOutGetErrorTextW
waveOutWrite
waveOutClose
waveOutPrepareHeader
waveOutReset
waveInReset
waveInStart
waveInAddBuffer
waveInUnprepareHeader
waveInPrepareHeader
waveInClose
waveInOpen
waveOutOpen

Exports

Exports

_libiconv_version
iconv_canonicalize
libiconv
libiconv_close
libiconv_open
libiconv_open_into
libiconv_set_relocation_prefix
libiconvctl
libiconvlist

Sections

.text
Size: 22.6MB - Virtual size: 22.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 359KB - Virtual size: 27.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 666KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2ed107238ec9810195735890d27248c

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

oleacc

rpcrt4

shlwapi

version

wsock32

opengl32

setupapi

dsound

ws2_32

imm32

secur32

bcrypt

kernel32

user32

gdi32

winspool.drv

shell32

ole32

oleaut32

comdlg32

advapi32

uxtheme

msimg32

winmm

Exports

Exports

Sections

.text Size: 22.6MB - Virtual size: 22.6MB

.rdata Size: 9.7MB - Virtual size: 9.7MB

.data Size: 359KB - Virtual size: 27.2MB

.pdata Size: 666KB - Virtual size: 666KB

_RDATA Size: 69KB - Virtual size: 68KB

.rsrc Size: 2.5MB - Virtual size: 2.5MB

.reloc Size: 250KB - Virtual size: 249KB

.text
Size: 22.6MB - Virtual size: 22.6MB

.rdata
Size: 9.7MB - Virtual size: 9.7MB

.data
Size: 359KB - Virtual size: 27.2MB

.pdata
Size: 666KB - Virtual size: 666KB

_RDATA
Size: 69KB - Virtual size: 68KB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

.reloc
Size: 250KB - Virtual size: 249KB