gamelaunchhelper[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

gamelaunchhelper.exe
Size

97KB
MD5

ac86ba3fefe6319338bee28d73d74a72
SHA1

4be042f962bcd2f14f6843eae9d4c556fcc4afbe
SHA256

3bcc269277b868333e1207d73e1a49f523d655c033ad564a2f04a49f8414d63e
SHA512

1e825d303115bf6bec5745f9f833d2816f8fee06221d38df71251ae23cd503cebb9d44cf82da152865fd394b8308beb10b9730e943bc7377c4ffb6641f9bb8e3
SSDEEP

1536:3kBlNsUVRglb5nYXOQlbAd9ZFjcnohlUQEVQZdTMyI5hwOVIg3zaY:3kBfsI5APRyQEWPIphwOVIg3G

Score

1^/10

Malware Config

Signatures

Files

gamelaunchhelper.exe
.exe windows:10 windows x64 arch:x64

2742ba818326b875b94ef224bc4ced93

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:3d:bf:f5:08:47:80:3e:31:81:8d:b7:36:51:9f:5b:74:27:bd:32:db:4c:f5:9e:46:d7:7b:10:49:08:c9:f8
Signer

Actual PE Digest

03:3d:bf:f5:08:47:80:3e:31:81:8d:b7:36:51:9f:5b:74:27:bd:32:db:4c:f5:9e:46:d7:7b:10:49:08:c9:f8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

GameLaunchHelper.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_crt_atexit
abort
_errno
_initialize_onexit_table
terminate
_register_thread_local_exe_atexit_callback
_c_exit
_set_app_type
_configure_wide_argv
_cexit
_initialize_wide_environment
_get_initial_wide_environment
_seh_filter_exe
_initterm
__p___wargv
__p___argc
_initterm_e
_exit
exit
_invalid_parameter_noinfo

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode
__stdio_common_vswprintf
__stdio_common_vsnprintf_s

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleFileNameA
GetModuleHandleW
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleExW

api-ms-win-core-synch-l1-1-0

CreateMutexExW
DeleteCriticalSection
InitializeCriticalSectionEx
CreateSemaphoreExW
ReleaseSemaphore
WaitForSingleObject
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

RaiseException
GetLastError
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

rpcrt4

UuidFromStringW
UuidCreate

api-ms-win-core-registry-l1-1-1

RegDeleteKeyValueW

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount64

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-winrt-l1-1-0

RoInitialize

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader

api-ms-win-core-fibers-l1-1-0

FlsSetValue
FlsGetValue
FlsAlloc
FlsFree

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-appmodel-runtime-l1-1-0

GetPackagesByPackageFamily
GetCurrentPackageFullName

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_callnewh
_calloc_base
_free_base
_set_new_mode
malloc
free

api-ms-win-crt-string-l1-1-0

_wcsicmp
strcpy_s

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-core-registry-l1-1-0

RegGetValueW

api-ms-win-eventing-provider-l1-1-0

EventWriteEx
EventUnregister
EventRegister
EventSetInformation

api-ms-win-core-version-l1-1-1

GetFileVersionInfoW
GetFileVersionInfoSizeW

api-ms-win-core-version-l1-1-0

VerQueryValueW

api-ms-win-core-com-l1-1-0

CoCreateInstance

gameconfighelper

OpenGameConfigForPackage

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2742ba818326b875b94ef224bc4ced93

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57Certificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

03:3d:bf:f5:08:47:80:3e:31:81:8d:b7:36:51:9f:5b:74:27:bd:32:db:4c:f5:9e:46:d7:7b:10:49:08:c9:f8Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

rpcrt4

api-ms-win-core-registry-l1-1-1

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-fibers-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-appmodel-runtime-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-core-psapi-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-version-l1-1-1

api-ms-win-core-version-l1-1-0

api-ms-win-core-com-l1-1-0

gameconfighelper

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 2KB

.pdata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 132B

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

03:3d:bf:f5:08:47:80:3e:31:81:8d:b7:36:51:9f:5b:74:27:bd:32:db:4c:f5:9e:46:d7:7b:10:49:08:c9:f8
Signer

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 132B