ProjectLoader[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ProjectLoader.exe
Size

5.8MB
MD5

4df5210d57b482bf2021ff4a4e0ff18a
SHA1

3768023eb545e7cd7bebca2f9d6b711920f52f85
SHA256

6a0b39f199130b6c99d96312351fcb3605d44749e549e537648b98e9e67f7149
SHA512

9eb9ceab7a54d0bac49893ce2f24c11e36fd0266b6afc40624198a70c71c1274a1f09a65a065f9efab1ba78a75037258ebdc32af06ddf8762a54d41c2e4ec55e
SSDEEP

98304:0cBEjPn57tPfAYUrpwwhYfoSnu/CT2P3inFI9mknVixP4lD:TBovPUpwCnSuqK+FI9Ci

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ProjectLoader.exe

Files

ProjectLoader.exe
.exe windows:6 windows x64 arch:x64

d98b700095ad67de5638fefd7cb9ec7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

A:\CODE\Game\ProjectLoader\x64\Release\ProjectLoader.pdb

Imports

opengl32

glGetIntegerv
glPushAttrib
glOrtho
glPushMatrix
glDisable
glDrawElements
glTexEnvi
glColorPointer
glClear
glClearColor
glBindTexture
glGenTextures
glTexParameteri
glTexImage2D
glPixelStorei
glPopMatrix
glEnableClientState
glPopAttrib
glPolygonMode
glVertexPointer
glEnable
glScissor
glDisableClientState
glMatrixMode
glBlendFunc
glLoadIdentity
glDeleteTextures
glTexCoordPointer
glGetTexEnviv
glViewport

kernel32

FreeLibrary
CreateFileMappingW
MapViewOfFile
GetProcessId
LocalAlloc
LoadLibraryW
LocalFree
CreateRemoteThread
TerminateProcess
OpenProcess
GetLastError
LoadLibraryA
GetTickCount64
DeviceIoControl
GetCurrentProcessId
VirtualProtect
GetCurrentProcess
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32NextW
GetCurrentThread
Process32FirstW
GetFullPathNameA
GetFileAttributesW
GetSystemDirectoryW
GetSystemDirectoryA
DeleteFileA
MoveFileExW
CreateThread
ExitProcess
WriteProcessMemory
VirtualProtectEx
ReadProcessMemory
GetCommandLineW
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
K32EnumDeviceDrivers
ReadFile
GetModuleFileNameW
CreatePipe
PeekNamedPipe
K32GetDeviceDriverBaseNameA
WaitForSingleObject
Module32FirstW
GetModuleHandleW
Module32NextW
CreateProcessA
CreateDirectoryW
FindFirstFileExW
FindNextFileW
WriteFile
SetFilePointer
FindClose
SetThreadExecutionState
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VerSetConditionMask
FormatMessageW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTimeZoneInformation
GetStdHandle
CloseHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
SetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetStringTypeW
GetSystemTimeAsFileTime
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
WaitForSingleObjectEx
SetFilePointerEx
SetEndOfFile
GetFileAttributesExW
FormatMessageA
GetProcAddress
UnmapViewOfFile
LoadLibraryExA
CreateFileW
VirtualAlloc
IsValidLocale
VirtualFree
CreateProcessW
SetEnvironmentVariableA
DeleteFileW
Sleep
HeapFree
HeapAlloc
GetFileType
GetExitCodeProcess
CompareStringW
GetLocaleInfoW
LCMapStringW
GetUserDefaultLCID
RtlUnwind
EnumSystemLocalesW
GetFileSizeEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
HeapSize
WriteConsoleW

user32

GetRawInputDeviceList
MessageBoxA
PostThreadMessageW
SetWindowsHookExW
UnhookWindowsHookEx
FindWindowW
GetWindowThreadProcessId
SetForegroundWindow
GetCursorPos
ReleaseCapture
SetCapture
SetLayeredWindowAttributes
GetCapture
GetSystemMetrics
ScreenToClient
SetWindowLongPtrW
SetWindowPos
IsWindowVisible
GetWindowRect
CallWindowProcW
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
TrackMouseEvent
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageTime
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
ShowWindow
GetWindowPlacement
SetWindowPlacement
IsIconic
BringWindowToTop
IsZoomed
SetFocus
GetActiveWindow
GetRawInputDeviceInfoA
EnumDisplayMonitors
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
LoadImageW
DestroyIcon
LoadCursorW
SetWindowLongW
GetWindowLongW
PtInRect
SetRect
ClipCursor
WindowFromPoint
ClientToScreen
SetCursor
SetCursorPos
AdjustWindowRectEx
GetClientRect
RemovePropW
GetPropW
SetPropW
RedrawWindow
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyState

gdi32

SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SetDeviceGammaRamp
GetDeviceCaps
DeleteDC
CreateDCW
DeleteObject
CreateRectRgn
SwapBuffers

advapi32

OpenProcessToken
QueryServiceStatusEx
OpenServiceW
RegQueryValueExW
RegCreateKeyA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExW
CloseServiceHandle
OpenSCManagerW
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

DragQueryPoint
DragQueryFileW
CommandLineToArgvW
ShellExecuteW
DragFinish
DragAcceptFiles

ntdll

NtQueryDirectoryObject
NtOpenDirectoryObject
NtFlushBuffersFile
RtlAdjustPrivilege
NtDeleteFile
LdrLoadDll
RtlDosPathNameToNtPathName_U
NtLoadDriver
NtUnloadDriver
NtWriteFile
RtlAllocateHeap
RtlAnsiStringToUnicodeString
NtOpenFile
NtResumeThread
NtWaitForSingleObject
NtFlushVirtualMemory
NtQueryInformationThread
NtSetInformationProcess
NtSetContextThread
NtUnlockVirtualMemory
RtlGetVersion
RtlInitString
NtLockVirtualMemory
NtSetInformationThread
RtlInitUnicodeString
NtOpenProcess
NtQuerySystemInformationEx
NtQueryInformationProcess
NtSuspendThread
NtQueryVirtualMemory
NtFlushInstructionCache
NtGetContextThread
NtOpenThread
NtQuerySystemInformation
RtlInitAnsiString
LdrGetProcedureAddress
NtReadVirtualMemory
NtAllocateVirtualMemory
NtFreeVirtualMemory
NtWriteVirtualMemory
NtProtectVirtualMemory
NtDeviceIoControlFile
NtUnmapViewOfSection
NtMapViewOfSection
RtlFreeHeap
NtClose
NtCreateFile
RtlFreeUnicodeString

dbghelp

ImageDirectoryEntryToData
ImageRvaToVa

ws2_32

WSAStartup
send
socket
getaddrinfo
recv
freeaddrinfo
WSAGetLastError
closesocket
WSACleanup
ioctlsocket
htons
listen
bind
accept
connect

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 1021KB - Virtual size: 1021KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 577KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 555KB - Virtual size: 574KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.6MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.v-lizer
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d98b700095ad67de5638fefd7cb9ec7a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

kernel32

user32

gdi32

advapi32

shell32

ntdll

dbghelp

ws2_32

imm32

Sections

.text Size: 1021KB - Virtual size: 1021KB

.rdata Size: 577KB - Virtual size: 576KB

.data Size: 555KB - Virtual size: 574KB

.pdata Size: 57KB - Virtual size: 56KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 3.6MB - Virtual size: 12.6MB

.v-lizer Size: 57KB - Virtual size: 57KB

.text
Size: 1021KB - Virtual size: 1021KB

.rdata
Size: 577KB - Virtual size: 576KB

.data
Size: 555KB - Virtual size: 574KB

.pdata
Size: 57KB - Virtual size: 56KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 3.6MB - Virtual size: 12.6MB

.v-lizer
Size: 57KB - Virtual size: 57KB