Latite-Releases-2[.]0[.]1[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Latite-Releases-2.0.1.zip
Size

4.4MB
MD5

1f77490d01565f59de1afbe56cdd4308
SHA1

0ee48671f38d3f8186a6fb5409da04812e826905
SHA256

b1599faf65f2b542b9b672fb39993169849b550aadcabcd086756978a52931b7
SHA512

2a2e87cf7abffe15f4b0ac1d6cb95631ed1137ebad69c5b42f6696934a019d25ab314107bf9679872f2e5f425feb7ed24dceee43b43c9f2ef82a1855f6c2ce97
SSDEEP

98304:T9yOzK+I5+ajKfnKbRGIf72nAyILJMsnnBJ4PfHoyW1t94GaRYo6b/ND57qZ:pVvAKfnKbRbz2AyIlUQykpaRYok/NJc

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Latite-Releases-2.0.1/injector/Injector.exe
unpack001/Latite-Releases-2.0.1/launcher/mlv2.dll

Files

Latite-Releases-2.0.1.zip
.zip
Latite-Releases-2.0.1/.gitignore
Latite-Releases-2.0.1/README.md
Latite-Releases-2.0.1/bexp.txt
Latite-Releases-2.0.1/bin/ChakraCore.dll
.dll windows:6 windows x64 arch:x64

536111b001e7d663fe12b55be91e738b

Code Sign

33:00:00:01:87:72:17:72:15:59:40:c7:09:00:00:00:00:01:87
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-03-2020 18:39

Not After

03-03-2021 18:39

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

23:69:35:50:f4:2c:79:29:37:c5:29:d8:42:ba:71:ca:90:27:08:11:37:7e:3f:83:e6:d1:24:91:6b:70:97:70
Signer

Actual PE Digest

23:69:35:50:f4:2c:79:29:37:c5:29:d8:42:ba:71:ca:90:27:08:11:37:7e:3f:83:e6:d1:24:91:6b:70:97:70

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\A\1\33\s\Build\VcBuild\bin\x64_release_pogo\ChakraCore.pdb

Imports

kernel32

HeapAlloc
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapFree
GetCurrentProcessId
GetModuleFileNameW
GetEnvironmentVariableW
VerSetConditionMask
VerifyVersionInfoW
GetCurrentProcess
GetSystemInfo
GetLogicalProcessorInformation
GetLastError
GetModuleHandleW
K32GetModuleInformation
OutputDebugStringW
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
IsDebuggerPresent
DebugBreak
RaiseException
TerminateProcess
UnhandledExceptionFilter
RtlLookupFunctionEntry
HeapCreate
HeapDestroy
CloseHandle
DuplicateHandle
GetCurrentThread
SetEvent
CreateEventW
SetThreadPriority
WaitForMultipleObjectsEx
WaitForSingleObject
VirtualAlloc
VirtualFree
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
QueryDepthSList
InterlockedFlushSList
VirtualProtect
ResetWriteWatch
GetWriteWatch
VirtualQuery
GlobalMemoryStatusEx
RtlAddFunctionTable
RtlDeleteFunctionTable
TryEnterCriticalSection
FindResourceExW
LoadResource
LockResource
SizeofResource
LoadLibraryExW
GetCurrentThreadId
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetTimeZoneInformation
RaiseFailFastException
QueryPerformanceCounter
GetProcessIoCounters
QueryThreadCycleTime
SetThreadStackGuarantee
GetSystemTime
GetSystemTimeAdjustment
QueryPerformanceFrequency
GetTimeZoneInformationForYear
EnterCriticalSection
RtlVirtualUnwind
FreeLibrary
GetUserDefaultLCID
GetDateFormatW
GetTimeFormatW
ResolveLocaleName
GetUserDefaultLocaleName
CompareStringEx
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetStartupInfoW
RtlPcToFileHeader
EncodePointer
RtlUnwindEx
SetLastError
GetProcAddress
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
WideCharToMultiByte
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
CompareStringW
LCMapStringW
GetACP
GetFileType
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapSize
GetCPInfo
GetStringTypeW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CreateFileW
SetStdHandle
SetFilePointerEx
WriteConsoleW
LeaveCriticalSection
GetTickCount
DeleteCriticalSection
AddAtomW
FindAtomW
SetThreadpoolTimer
CloseThreadpoolTimer
CreateThreadpoolTimer
CreateFileMappingW
DecodePointer
OpenProcess
RtlCaptureContext
DeleteAtom
LoadLibraryExA
VirtualProtectEx
FlushInstructionCache
ResetEvent
GetProcessId
Sleep
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetLocaleInfoEx
NormalizeString
IsNormalizedString
LCMapStringEx
GetNumberFormatEx

advapi32

EventRegister
EventActivityIdControl
EventWrite
RegCloseKey
RegGetValueW
RegOpenKeyExW
EventUnregister

ole32

CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoTaskMemAlloc

bcrypt

BCryptGenRandom

version

GetFileVersionInfoExW
VerQueryValueW
GetFileVersionInfoSizeExW

rpcrt4

NdrServerCallNdr64
RpcServerInqBindings
RpcServerRegisterIf2
I_RpcBindingInqLocalClientPID
RpcBindingFree
RpcExceptionFilter
NdrClientCall3
RpcServerUseProtseqW
RpcBindingVectorFree
RpcServerUnregisterIf
RpcMgmtStopServerListening
RpcServerListen
RpcEpRegisterW

Exports

Exports

JsAddRef
JsBoolToBoolean
JsBooleanToBool
JsCallFunction
JsCollectGarbage
JsConstructObject
JsConvertValueToBoolean
JsConvertValueToNumber
JsConvertValueToObject
JsConvertValueToString
JsCopyPropertyId
JsCopyString
JsCopyStringOneByte
JsCopyStringUtf16
JsCreateArray
JsCreateArrayBuffer
JsCreateContext
JsCreateDataView
JsCreateEnhancedFunction
JsCreateError
JsCreateExternalArrayBuffer
JsCreateExternalObject
JsCreateExternalObjectWithPrototype
JsCreateFunction
JsCreateNamedFunction
JsCreateObject
JsCreatePromise
JsCreatePropertyId
JsCreateRangeError
JsCreateReferenceError
JsCreateRuntime
JsCreateSharedArrayBufferWithSharedContent
JsCreateString
JsCreateStringUtf16
JsCreateSymbol
JsCreateSyntaxError
JsCreateTypeError
JsCreateTypedArray
JsCreateURIError
JsCreateWeakReference
JsDefineProperty
JsDeleteIndexedProperty
JsDeleteProperty
JsDiagEvaluate
JsDiagGetBreakOnException
JsDiagGetBreakpoints
JsDiagGetFunctionPosition
JsDiagGetObjectFromHandle
JsDiagGetProperties
JsDiagGetScripts
JsDiagGetSource
JsDiagGetStackProperties
JsDiagGetStackTrace
JsDiagRemoveBreakpoint
JsDiagRequestAsyncBreak
JsDiagSetBreakOnException
JsDiagSetBreakpoint
JsDiagSetStepType
JsDiagStartDebugging
JsDiagStopDebugging
JsDisableRuntimeExecution
JsDisposeRuntime
JsDoubleToNumber
JsEnableRuntimeExecution
JsEquals
JsGetAndClearException
JsGetAndClearExceptionWithMetadata
JsGetArrayBufferStorage
JsGetContextData
JsGetContextOfObject
JsGetCurrentContext
JsGetDataViewInfo
JsGetDataViewStorage
JsGetExtensionAllowed
JsGetExternalData
JsGetFalseValue
JsGetGlobalObject
JsGetIndexedPropertiesExternalData
JsGetIndexedProperty
JsGetModuleHostInfo
JsGetModuleNamespace
JsGetNullValue
JsGetOwnPropertyDescriptor
JsGetOwnPropertyNames
JsGetOwnPropertySymbols
JsGetPromiseResult
JsGetPromiseState
JsGetProperty
JsGetPropertyIdFromName
JsGetPropertyIdFromSymbol
JsGetPropertyIdType
JsGetPropertyNameFromId
JsGetPrototype
JsGetProxyProperties
JsGetRuntime
JsGetRuntimeMemoryLimit
JsGetRuntimeMemoryUsage
JsGetSharedArrayBufferContent
JsGetStringLength
JsGetSymbolFromPropertyId
JsGetTrueValue
JsGetTypedArrayInfo
JsGetTypedArrayStorage
JsGetUndefinedValue
JsGetValueType
JsGetWeakReferenceValue
JsHasException
JsHasExternalData
JsHasIndexedPropertiesExternalData
JsHasIndexedProperty
JsHasOwnProperty
JsHasProperty
JsIdle
JsInitializeJITServer
JsInitializeModuleRecord
JsInstanceOf
JsIntToNumber
JsIsRuntimeExecutionDisabled
JsLessThan
JsLessThanOrEqual
JsModuleEvaluation
JsNumberToDouble
JsNumberToInt
JsObjectDefineProperty
JsObjectDeleteProperty
JsObjectGetOwnPropertyDescriptor
JsObjectGetProperty
JsObjectHasOwnProperty
JsObjectHasProperty
JsObjectSetProperty
JsParse
JsParseModuleSource
JsParseScript
JsParseScriptWithAttributes
JsParseSerialized
JsParseSerializedScript
JsParseSerializedScriptWithCallback
JsPointerToString
JsPreventExtension
JsRelease
JsReleaseSharedArrayBufferContentHandle
JsRun
JsRunScript
JsRunScriptWithParserState
JsRunSerialized
JsRunSerializedScript
JsRunSerializedScriptWithCallback
JsSerialize
JsSerializeParserState
JsSerializeScript
JsSetContextData
JsSetCurrentContext
JsSetException
JsSetExternalData
JsSetHostPromiseRejectionTracker
JsSetIndexedPropertiesToExternalData
JsSetIndexedProperty
JsSetModuleHostInfo
JsSetObjectBeforeCollectCallback
JsSetPromiseContinuationCallback
JsSetProperty
JsSetPrototype
JsSetRuntimeBeforeCollectCallback
JsSetRuntimeMemoryAllocationCallback
JsSetRuntimeMemoryLimit
JsStrictEquals
JsStringToPointer
JsTTDCheckAndAssertIfTTDRunning
JsTTDCreateContext
JsTTDCreateRecordRuntime
JsTTDCreateReplayRuntime
JsTTDDiagSetAutoTraceStatus
JsTTDDiagWriteLog
JsTTDGetPreviousSnapshotInterval
JsTTDGetSnapShotBoundInterval
JsTTDGetSnapTimeTopLevelEventMove
JsTTDHostExit
JsTTDMoveToTopLevelEvent
JsTTDNotifyContextDestroy
JsTTDNotifyLongLivedReferenceAdd
JsTTDNotifyYield
JsTTDPauseTimeTravelBeforeRuntimeOperation
JsTTDPreExecuteSnapShotInterval
JsTTDRawBufferAsyncModificationRegister
JsTTDRawBufferAsyncModifyComplete
JsTTDRawBufferCopySyncIndirect
JsTTDRawBufferModifySyncIndirect
JsTTDReStartTimeTravelAfterRuntimeOperation
JsTTDReplayExecution
JsTTDStart
JsTTDStop

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mrdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Latite-Releases-2.0.1/changelog_last_updated
Latite-Releases-2.0.1/client_changelog
Latite-Releases-2.0.1/game_versions
Latite-Releases-2.0.1/injector/Injector.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Plextora\source\repos\LatiteInjector\obj\Release\net48\win-x64\Latite Injector.pdb

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Latite-Releases-2.0.1/injector/InterFont.ttf
Latite-Releases-2.0.1/injector_changelog
Latite-Releases-2.0.1/latest_version.txt
Latite-Releases-2.0.1/launcher/Assets/Background.png
.png
Latite-Releases-2.0.1/launcher/mlv2.dll
.dll windows:6 windows x64 arch:x64

26486fe55770e660eb7016b5eaf14358

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\dev\MinLoaderV2\x64\Release\MinLoaderV2.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WideCharToMultiByte
MultiByteToWideChar
GetFileInformationByHandleEx
GetLastError
CloseHandle
AreFileApisANSI
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateFileW
GetLocaleInfoEx
FormatMessageA
LocalFree

user32

MessageBoxA

msvcp140

?_Winerror_map@std@@YAHH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
__std_exception_destroy
__std_exception_copy
__std_terminate
__C_specific_handler
_CxxThrowException
__std_type_info_destroy_list
memset
memmove

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
terminate
_invalid_parameter_noinfo_noreturn
_seh_filter_dll

api-ms-win-crt-environment-l1-1-0

_dupenv_s

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

Exports

Exports

NsiConnectToServer
NsiDisconnectFromServer
NsiRpcDeregisterChangeNotification
NsiRpcDeregisterChangeNotificationEx
NsiRpcEnumerateObjectsAllParameters
NsiRpcGetAllParameters
NsiRpcGetAllParametersEx
NsiRpcGetParameter
NsiRpcGetParameterEx
NsiRpcRegisterChangeNotification
NsiRpcRegisterChangeNotificationEx
NsiRpcSetAllParameters
NsiRpcSetAllParametersEx
NsiRpcSetParameter
NsiRpcSetParameterEx

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Latite-Releases-2.0.1/launcher_version
Latite-Releases-2.0.1/upd_message

Sharing

General

Malware Config

Signatures

Files

536111b001e7d663fe12b55be91e738b

Code Sign

33:00:00:01:87:72:17:72:15:59:40:c7:09:00:00:00:00:01:87Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

23:69:35:50:f4:2c:79:29:37:c5:29:d8:42:ba:71:ca:90:27:08:11:37:7e:3f:83:e6:d1:24:91:6b:70:97:70Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

ole32

bcrypt

version

rpcrt4

Exports

Exports

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 81KB - Virtual size: 102KB

.pdata Size: 257KB - Virtual size: 256KB

.didat Size: 512B - Virtual size: 40B

.tls Size: 512B - Virtual size: 125B

.mrdata Size: 512B - Virtual size: 24B

.rsrc Size: 107KB - Virtual size: 107KB

.reloc Size: 103KB - Virtual size: 103KB

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rsrc Size: 23KB - Virtual size: 22KB

26486fe55770e660eb7016b5eaf14358

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 168B

33:00:00:01:87:72:17:72:15:59:40:c7:09:00:00:00:00:01:87
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

23:69:35:50:f4:2c:79:29:37:c5:29:d8:42:ba:71:ca:90:27:08:11:37:7e:3f:83:e6:d1:24:91:6b:70:97:70
Signer

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 81KB - Virtual size: 102KB

.pdata
Size: 257KB - Virtual size: 256KB

.didat
Size: 512B - Virtual size: 40B

.tls
Size: 512B - Virtual size: 125B

.mrdata
Size: 512B - Virtual size: 24B

.rsrc
Size: 107KB - Virtual size: 107KB

.reloc
Size: 103KB - Virtual size: 103KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rsrc
Size: 23KB - Virtual size: 22KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 168B