launcher1[.]5[.]5[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

launcher1.5.5.exe
Size

6.5MB
MD5

956eade6e6b996419a74468956a6c8d0
SHA1

83b4aedd7346a549935f193c5b238ef135b6be61
SHA256

4a31ccefc7fdefdb002a557cfe7ed89fb0213dffab79ac657c6319938f230fd4
SHA512

011cf9468851c0a2a1b7523c8dadce50eba21affd4c17b57a5b0f4ce1dafe54d00130e7378a367715522b44317d1d25e1795981d1489b9caa23a7d208f887b47
SSDEEP

98304:0WPNNzjJqNFdMqeAK/KI80d3S8LmTEZfkRcHzDbDhu+YZ:PPN9n80d3BLmekRcT4v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
launcher1.5.5.exe

Files

launcher1.5.5.exe
.exe windows:6 windows x86 arch:x86

e887133c8a649641bd8638df1a0ab573

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

xlpack

?Mount@@YAPAXPBD0_N@Z
?Copy@@YA_NPBD0@Z
?IsFileExist@@YA_NPBD@Z
?DestroyFileSystem@@YAXXZ
?ApplyPatchPak@@YA_NPBD0@Z
?MergePatchDeletedList@@YAXPBD0@Z
?CreateFileSystem@@YA_NXZ

kernel32

GetModuleHandleA
SetThreadStackGuarantee
AddVectoredExceptionHandler
GetProcAddress
CloseHandle
VirtualAllocEx
AcquireSRWLockExclusive
CreateProcessW
SwitchToThread
InitializeSListHead
WriteProcessMemory
CreateRemoteThread
TerminateProcess
OpenProcess
GetLastError
IsDebuggerPresent
VirtualFreeEx
HeapAlloc
UnhandledExceptionFilter
GetProcessHeap
HeapFree
ReleaseSRWLockExclusive
PostQueuedCompletionStatus
MoveFileExW
GetCurrentThreadId
ReleaseSRWLockShared
GetSystemTimeAsFileTime
ExitProcess
WriteFileEx
SleepEx
ReadFileEx
CreateThread
TlsSetValue
SetThreadErrorMode
LoadLibraryExW
AcquireSRWLockShared
LoadLibraryW
CreateNamedPipeW
DeleteProcThreadAttributeList
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
DuplicateHandle
GetFileAttributesW
GetWindowsDirectoryW
WakeAllConditionVariable
FreeLibrary
GetSystemDirectoryW
SetLastError
GetFinalPathNameByHandleW
TryAcquireSRWLockExclusive
GetQueuedCompletionStatusEx
CompareStringOrdinal
FreeEnvironmentStringsW
CreateIoCompletionPort
SetFileCompletionNotificationModes
GetEnvironmentStringsW
GetSystemInfo
SleepConditionVariableSRW
WakeConditionVariable
FindClose
FindFirstFileW
CreateDirectoryW
SetFilePointerEx
GetFullPathNameW
HeapReAlloc
GlobalFree
Sleep
GlobalAlloc
GetFileInformationByHandleEx
GetFileInformationByHandle
SetFileInformationByHandle
CreateFileW
GetModuleFileNameW
GetEnvironmentVariableW
ReleaseMutex
CreateMutexA
GetCurrentProcessId
GetCurrentProcess
MultiByteToWideChar
GlobalLock
SetUnhandledExceptionFilter
GlobalSize
GlobalUnlock
TlsGetValue
lstrlenW
RtlCaptureContext
IsProcessorFeaturePresent
LoadLibraryA
SetHandleInformation
WaitForSingleObjectEx
GetCurrentDirectoryW
GetCurrentThread
InitOnceBeginInitialize
TlsAlloc
InitOnceComplete
TlsFree
GetStdHandle
GetConsoleMode
WaitForSingleObject
WriteConsoleW
CreateWaitableTimerExW
SetWaitableTimer
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleHandleW
FormatMessageW

user32

DestroyIcon
GetWindowRect
IsIconic
SystemParametersInfoA
GetKeyState
AdjustWindowRectEx
GetKeyboardLayout
GetKeyboardState
ShowWindow
GetSystemMenu
EnableMenuItem
ChangeDisplaySettingsExW
GetRawInputData
SetWindowPlacement
ValidateRect
SetCapture
PostThreadMessageW
PeekMessageW
SetCursor
EnumDisplayMonitors
MapVirtualKeyW
SendInput
SetForegroundWindow
GetClipCursor
ClipCursor
ShowCursor
LoadCursorW
GetUpdateRect
ClientToScreen
CloseTouchInputHandle
ScreenToClient
ToUnicodeEx
RegisterRawInputDevices
RegisterWindowMessageA
GetClassInfoExW
GetPropW
GetTouchInputInfo
DefWindowProcW
TrackMouseEvent
MonitorFromRect
CallWindowProcW
GetWindowPlacement
MsgWaitForMultipleObjectsEx
MessageBoxW
DestroyWindow
OpenClipboard
CloseClipboard
TranslateMessage
GetMonitorInfoW
GetMenu
RedrawWindow
GetWindowLongW
CreateIcon
IsProcessDPIAware
MonitorFromWindow
RegisterTouchWindow
SetWindowDisplayAffinity
CreateWindowExW
RegisterClassExW
GetDC
FlashWindowEx
InvalidateRgn
SetWindowPos
CreateIconFromResourceEx
GetForegroundWindow
ReleaseCapture
GetCursorPos
SetWindowTextW
SendMessageW
GetSystemMetrics
GetActiveWindow
GetClientRect
ReleaseDC
RemovePropW
MapVirtualKeyA
DispatchMessageW
SetClipboardData
EmptyClipboard
GetClassNameW
GetClipboardData
IsClipboardFormatAvailable
PostMessageW
SetWindowLongW
SetPropW
GetMessageW

bcrypt

BCryptGenRandom

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
SystemFunction036

uiautomationcore

UiaHostProviderFromHwnd
UiaLookupId
UiaRaiseAutomationPropertyChangedEvent
UiaRaiseAutomationEvent
UiaReturnRawElementProvider
UiaGetReservedNotSupportedValue

oleaut32

SafeArrayCreateVector
SetErrorInfo
GetErrorInfo
SysFreeString
SysStringLen
SafeArrayPutElement
SysAllocStringLen

shell32

DragFinish
SHGetKnownFolderPath
DragQueryFileW

ole32

RegisterDragDrop
OleInitialize
RevokeDragDrop
CoUninitialize
CoCreateInstance
CoInitializeEx
CoTaskMemFree

opengl32

wglGetCurrentDC
wglDeleteContext
wglGetProcAddress
wglGetCurrentContext
wglCreateContext
wglShareLists
wglMakeCurrent

gdi32

SwapBuffers
GetDeviceCaps
ChoosePixelFormat
DeleteObject
SetPixelFormat
DescribePixelFormat
CreateRectRgn

shlwapi

AssocQueryStringW

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmAssociateContextEx
ImmSetCandidateWindow
ImmGetContext

dwmapi

DwmEnableBlurBehindWindow

winmm

timeGetDevCaps
timeEndPeriod
timeBeginPeriod

ws2_32

connect
WSACleanup
getsockname
ioctlsocket
WSAGetLastError
WSAStartup
freeaddrinfo
getpeername
WSASocketW
getsockopt
WSASend
bind
getaddrinfo
shutdown
closesocket
send
WSAIoctl
recv
setsockopt

ntdll

NtCancelIoFileEx
RtlNtStatusToDosError
NtDeviceIoControlFile
NtCreateFile
NtWriteFile
NtReadFile

secur32

DeleteSecurityContext
AcquireCredentialsHandleA
FreeContextBuffer
EncryptMessage
FreeCredentialsHandle
InitializeSecurityContextW
DecryptMessage
ApplyControlToken
QueryContextAttributesW
AcceptSecurityContext

crypt32

CertCloseStore
CertDuplicateCertificateChain
CertAddCertificateContextToStore
CertGetCertificateChain
CertFreeCertificateContext
CertDuplicateCertificateContext
CertOpenStore
CertFreeCertificateChain
CertDuplicateStore
CertVerifyCertificateChainPolicy
CertEnumCertificatesInStore

uxtheme

SetWindowTheme

vcruntime140

memmove
__current_exception
_except_handler4_common
__CxxFrameHandler3
memcpy
memcmp
memset
__current_exception_context

api-ms-win-crt-math-l1-1-0

fminf
truncf
_hypotf
cos
sin
ceil
floor
fmin
fmax
pow
exp
roundf
fmaxf
exp2f
atan2
cbrtf
__setusermatherr
round
trunc
acos

api-ms-win-crt-string-l1-1-0

strlen
wcslen

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_crt_atexit
_controlfp_s
terminate
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_c_exit
_cexit
_set_app_type
__p___argv
__p___argc
_register_onexit_function
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e887133c8a649641bd8638df1a0ab573

Headers

DLL Characteristics

File Characteristics

Imports

xlpack

kernel32

user32

bcrypt

advapi32

uiautomationcore

oleaut32

shell32

ole32

opengl32

gdi32

shlwapi

imm32

dwmapi

winmm

ws2_32

ntdll

secur32

crypt32

uxtheme

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 4.0MB - Virtual size: 4.0MB

.data Size: 7KB - Virtual size: 9KB

.rsrc Size: 139KB - Virtual size: 138KB

.reloc Size: 90KB - Virtual size: 90KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 7KB - Virtual size: 9KB

.rsrc
Size: 139KB - Virtual size: 138KB

.reloc
Size: 90KB - Virtual size: 90KB