PlataniumV3Launcher[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

PlataniumV3Launcher.exe
Size

2.2MB
MD5

7a41ab943d57a543a4464ba337090cd7
SHA1

7ab6b07b6ea29664a0cf2c65ca0ab6e79188c6f3
SHA256

093b3a4e793507e3b45a4bcc35fe84a1da6a3feea38fd9c53aa0b663eec77783
SHA512

fbec74f56f4aa795562712344056c112e6b03c8fb32328cfca93fd5b46db4665f5b9d3fa2f123dd49edd7b6b9d1ef36b50159cecd80e2be5e98e28fa0ebaacc9
SSDEEP

24576:1QVncQvz+h9wJAk9V1SFKq0Xf0XIsrE/toxVgyKhKJL/2V+1/h0lhSMXlGPEFaEW:1snFzN9Vswquf6A/6nrKeTL+bnLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PlataniumV3Launcher.exe

Files

PlataniumV3Launcher.exe
.exe windows:6 windows x64 arch:x64

Password: ,

12ae65aa6e41f30bb8f253cd138a1734

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\admin\Desktop\PlataniumV3\x64\Release\PlataniumV3Launcher.pdb

Imports

opengl32

glClear
glClearColor
glViewport

kernel32

GlobalUnlock
SetEvent
ResetEvent
CreateEventW
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
SetThreadExecutionState
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
QueryPerformanceCounter
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
QueryPerformanceFrequency
GetSystemDirectoryW
GetModuleHandleW
LoadLibraryW
GetEnvironmentVariableA
SetLastError
FormatMessageW
Sleep
MoveFileExW
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
WaitForSingleObjectEx
SleepEx
VerSetConditionMask
VerifyVersionInfoW
CreateFileW
GetFileSizeEx
TlsFree
LoadLibraryA
GetTickCount64
FreeLibrary
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GlobalLock
GetStdHandle
WriteConsoleA
WriteFile
GetDynamicTimeZoneInformation
GetCurrentThreadId
GetConsoleMode
GetLastError
GetCurrentProcessId
WriteProcessMemory
GetModuleHandleA
OpenProcess
CloseHandle
GetCurrentDirectoryW
CreateDirectoryW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFullPathNameW
AreFileApisANSI
GetFileInformationByHandleEx
LocalFree
FormatMessageA
GetLocaleInfoEx
InitOnceComplete
InitOnceBeginInitialize
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetModuleHandleExW
MultiByteToWideChar
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetDriveTypeA
GetLogicalDrives
CreateProcessA
GetProcAddress
GlobalFree
GlobalAlloc
CreateRemoteThread
VirtualAllocEx

user32

PostMessageW
SendMessageW
DefWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
RegisterClassExW
CreateWindowExW
TrackMouseEvent
DestroyWindow
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetWindowLongPtrW
SetWindowLongPtrW
CallWindowProcW
GetMessageExtraInfo
GetRawInputDeviceList
GetDesktopWindow
GetRawInputDeviceInfoA
WaitMessage
GetLayeredWindowAttributes
EnumDisplayMonitors
EnumDisplayDevicesW
SetLayeredWindowAttributes
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterClassW
UnregisterDeviceNotification
FlashWindow
RegisterDeviceNotificationW
MoveWindow
SetWindowPos
RegisterRawInputDevices
GetWindowPlacement
SetWindowPlacement
GetRawInputData
GetMonitorInfoW
IsWindowVisible
MonitorFromWindow
ShowWindow
SystemParametersInfoW
IsIconic
BringWindowToTop
CreateIconIndirect
LoadImageW
DestroyIcon
LoadCursorW
GetClassLongPtrW
SetWindowLongW
IsZoomed
GetWindowLongW
PtInRect
SetFocus
OffsetRect
GetActiveWindow
SetRect
ClipCursor
GetKeyState
MapVirtualKeyW
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
RemovePropW
SetCapture
GetPropW
SetPropW
ReleaseDC
GetDC
SetForegroundWindow
GetSystemMetrics
MsgWaitForMultipleObjects
ReleaseCapture

shell32

DragAcceptFiles
ShellExecuteA
DragFinish
DragQueryPoint
DragQueryFileW

msvcp140

?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?good@ios_base@std@@QEBA_NXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flags@ios_base@std@@QEBAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??Bios_base@std@@QEBA_NXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?uncaught_exceptions@std@@YAHXZ
_Thrd_detach
_Cnd_do_broadcast_at_thread_exit
?_Xinvalid_argument@std@@YAXPEBD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Winerror_map@std@@YAHH@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
_Cnd_destroy_in_situ
_Mtx_unlock
_Thrd_join
_Xtime_get_ticks
_Thrd_id
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
?_Syserror_map@std@@YAPEBDH@Z
?_Throw_C_error@std@@YAXH@Z
?id@?$numpunct@D@std@@2V0locale@2@A
?_Xbad_function_call@std@@YAXXZ
?_Xbad_alloc@std@@YAXXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Throw_Cpp_error@std@@YAXH@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
_Cnd_signal
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ImmSetCandidateWindow

ws2_32

socket
htons
inet_pton
WSACleanup
WSAStartup
inet_ntop
WSASetLastError
ntohs
WSAGetLastError
closesocket
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
recvfrom
sendto
bind
send
getsockopt
__WSAFDIsSet
accept
ioctlsocket
gethostname
getpeername
recv
connect
select
getsockname
htonl
WSAIoctl
setsockopt
freeaddrinfo
getaddrinfo
listen

crypt32

CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryW
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CryptProtectData
CryptUnprotectData
CertGetNameStringW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

bcrypt

BCryptGenRandom

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
__C_specific_handler
memcmp
memset
memmove
__std_exception_destroy
__std_exception_copy
__std_terminate
strstr
strchr
strrchr
wcschr
_CxxThrowException
memchr
memcpy
__current_exception_context

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
terminate
_errno
abort
_beginthreadex
__sys_errlist
__sys_nerr
_configure_narrow_argv
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
__p___argc
_initialize_onexit_table
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function

api-ms-win-crt-stdio-l1-1-0

__p__commode
ftell
_read
__acrt_iob_func
fflush
_lseeki64
fclose
fgets
_write
_fileno
fseek
__stdio_common_vfprintf
fputs
fwrite
_wopen
_wfopen
feof
__stdio_common_vsprintf
_close
__stdio_common_vsscanf
__stdio_common_vsnprintf_s
fputc
fgetc
fgetpos
__stdio_common_vsprintf_s
setvbuf
_set_fmode
fread
_get_stream_buffer_pointers
_fseeki64
fsetpos
ungetc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-string-l1-1-0

strcpy_s
strpbrk
isdigit
_strdup
wcsncpy
wcspbrk
strspn
wcsncmp
strcmp
strncmp
toupper
tolower
_wcsdup
strcspn
strncpy

api-ms-win-crt-heap-l1-1-0

_set_new_mode
malloc
_callnewh
free
realloc
calloc

api-ms-win-crt-convert-l1-1-0

wcstombs
strtol
strtod
strtoul
strtoll
strtof
strtoull
atoi

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_localtime64_s
_gmtime64
strftime
_time64

api-ms-win-crt-math-l1-1-0

cosf
ceilf
_ldsign
acosf
_ldclass
_fdclass
_dclass
_fdopen
_fdsign
fmodf
sqrtf
sinf
__setusermatherr
powf
_dsign

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_fstat64
_unlink
_wstat64
_waccess
_lock_file

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale
___lc_codepage_func

gdi32

ChoosePixelFormat
SetDeviceGammaRamp
GetDeviceGammaRamp
SwapBuffers
DescribePixelFormat
DeleteObject
CreateBitmap
CreateRectRgn
SetPixelFormat
CreateDIBSection
CreateDCW
DeleteDC
GetDeviceCaps

advapi32

CryptCreateHash
CryptHashData
CryptGetHashParam
CryptReleaseContext
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextW
CryptImportKey
CryptEncrypt

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: ,

12ae65aa6e41f30bb8f253cd138a1734

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

kernel32

user32

shell32

msvcp140

imm32

ws2_32

crypt32

version

bcrypt

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

gdi32

advapi32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 19KB - Virtual size: 36KB

.pdata Size: 49KB - Virtual size: 48KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 19KB - Virtual size: 36KB

.pdata
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 4KB