Static task
static1
General
-
Target
Launcher.exe
-
Size
1.8MB
-
MD5
1a0931042bcf315753af6d64f62cfac6
-
SHA1
d3274c2dd15f0857c25d5c5b22e68f952f964601
-
SHA256
792747521abd5829a0b3a4c80ecd0901efbd1d2cf765dac3f3a12a797ec65cf0
-
SHA512
e530f79086342c153ed5aa075a66454c7adfd3adcd6b3ed365943913b7214b758f079b56956bd225cf0e099401a522f383ffd8b38df442b3f210c512baef8d56
-
SSDEEP
49152:wmwrMBbSLaSlO95T+yxlPcahf+Pca0s9wrMBbSLaSlO95T+yx:wmwrMBOdlO95T+yxlJhf+J0s9wrMBOdM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
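Checks for missing Authenticode signature. An unsigned PE has no publisher identity or signed-integrity guarantee to verify; on its own this is a weak indicator, since many legitimate executables are also unsigned.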
resource Launcher.exe
Files
-
Launcher.exe.exe windows:5 windows x86 arch:x86
77c599ed222711f6640df344f61f1610
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcr90
_except_handler4_common
__FrameUnwindFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
??3@YAXPAX@Z
_purecall
_crt_debugger_hook
_encoded_null
_decode_pointer
_encode_pointer
_amsg_exit
_cexit
isalpha
tolower
swscanf
wcsstr
??2@YAPAXI@Z
strcpy
strcat
memcpy
memset
memmove
strlen
fputc
sscanf_s
_vsnprintf_s
atoi
fopen_s
fread
fprintf
strcmp
ferror
ftell
fseek
atof
fclose
strncmp
isspace
strchr
isalnum
kernel32
CreateDirectoryA
TerminateProcess
GetCurrentProcess
OutputDebugStringA
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
UnhandledExceptionFilter
GetModuleHandleA
Sleep
GetLastError
CreateMutexA
GetCurrentDirectoryA
CloseHandle
shell32
ShellExecuteA
d3d9
Direct3DCreate9
dinput8
DirectInput8Create
user32
GetKeyboardLayout
advapi32
RegCloseKey
RegCreateKeyA
RegSetValueExA
ole32
CoInitialize
CoSetProxyBlanket
CoCreateInstance
oleaut32
SysFreeString
SysAllocString
msvcm90
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
shlwapi
PathFileExistsA
mscoree
_CorExeMain
Sections
.text Size: 51KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 400KB - Virtual size: 399KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ