Static task
static1
General
Target: Launcher Blue.exe
Size: 2.3MB
MD5: 3100469fe2bb524c5bbd80166a75de3d
SHA1: d18b37515ca0d288ce989ab443b9d10f9554c4e3
SHA256: 190c0c39dc6f4db5c7a47bec58d899bd7b325893bc8c10eccf134c08e42d6695
SHA512: ff6b98835621ac039868425fbc956c22f17d938e6e7a4c9114195c6c0a52f0ceb1ee6105b952f54a3c806915ad1d8d49e2037da66493195e7bec87516a591b17
SSDEEP: 49152:cYMdEHZ3Vu5B6k0O9ciX3QdfVkowskoNgeL9nTQRaCo+k9:cYMi530kOK43Qrx3kKgeL9n
Malware Config
Signatures
Unsigned PE (1 IoC)
Rule description: checks for a missing Authenticode signature.
Matched resource: Launcher Blue.exe
Note: this is the only signature that fired, and an absent signature is weak evidence by itself (a great deal of legitimate software ships unsigned). Read it together with the header, import and section data below rather than as a verdict.
Files
Launcher Blue.exe.exe (tags: windows:5, windows, x86, arch:x86)
Imphash: e689d29c3b2086b659658254cfce77fd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP opt-in)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Reading: a 32-bit (x86) executable image rather than a DLL (IMAGE_FILE_DLL is not set), linked with ASLR and DEP enabled. These mitigation flags are the defaults of any recent MSVC link and say nothing about the program's intent.
Imports
kernel32
WideCharToMultiByte
TerminateThread
GetVersionExW
GetFileAttributesW
CreateProcessA
TerminateProcess
CreateFileW
MultiByteToWideChar
WritePrivateProfileStringW
GetTempPathW
CreateDirectoryA
InterlockedExchange
FindClose
GetLocalTime
Process32FirstW
GlobalMemoryStatusEx
RemoveDirectoryW
SetProcessWorkingSetSize
GetSystemInfo
Process32NextW
FindNextFileW
CreateToolhelp32Snapshot
ReleaseMutex
GetWindowsDirectoryW
DeleteFileW
GetCurrentProcessId
SetFileAttributesW
CreateProcessW
ResumeThread
GetThreadContext
SetThreadContext
VirtualQuery
InterlockedCompareExchange
GetCurrentThread
VirtualAlloc
VirtualProtect
SuspendThread
FreeLibrary
GetModuleHandleW
GetProcAddress
ResetEvent
ExitProcess
LoadLibraryExW
lstrcmpiW
ReadFile
LoadLibraryW
GetCommandLineW
OpenProcess
GetPrivateProfileStringW
InitializeCriticalSection
CreateEventW
GlobalAddAtomW
OutputDebugStringW
SetEnvironmentVariableA
SetEndOfFile
WriteConsoleW
SetStdHandle
ReadConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetFileType
GetOEMCP
GetACP
IsValidCodePage
GetStdHandle
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
RtlUnwind
GetTimeZoneInformation
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetStringTypeW
EncodePointer
LocalFree
WriteFile
GetTickCount
WaitForSingleObject
FreeResource
FindFirstFileW
GetFileSize
lstrlenW
CreateThread
CloseHandle
GlobalHandle
LockResource
GlobalFree
OpenMutexW
SizeofResource
Sleep
LoadResource
FindResourceW
FindResourceExW
CreateMutexW
IsBadWritePtr
GetCurrentThreadId
DeleteCriticalSection
DecodePointer
GetProcessId
EnterCriticalSection
HeapSize
SetLastError
GetLastError
RaiseException
FlushInstructionCache
GlobalUnlock
lstrcmpW
GetModuleFileNameW
MulDiv
LeaveCriticalSection
HeapDestroy
InitializeCriticalSectionAndSpinCount
GlobalAlloc
HeapReAlloc
GetProcessHeap
GlobalLock
HeapFree
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
HeapAlloc
SetEvent
user32
MonitorFromWindow
MapWindowPoints
GetMonitorInfoW
SetForegroundWindow
AttachThreadInput
wsprintfW
GetForegroundWindow
GetMenu
LoadStringW
EnumChildWindows
AdjustWindowRectEx
SwitchToThisWindow
GetWindowThreadProcessId
GetAsyncKeyState
SystemParametersInfoW
GetCursorPos
GetDlgCtrlID
KillTimer
IsWindowVisible
SetTimer
UpdateLayeredWindow
IsDialogMessageW
CreateDialogParamW
OffsetRect
LoadImageW
SetWindowRgn
SetWindowContextHelpId
MapDialogRect
GetMessageW
IsIconic
PeekMessageW
CreateDialogIndirectParamW
MoveWindow
GetWindow
DefWindowProcW
CallWindowProcW
SetWindowTextW
SendMessageW
ReleaseCapture
CreateWindowExW
SetWindowPos
GetSysColor
GetDesktopWindow
RedrawWindow
SetWindowLongW
GetDlgItem
ReleaseDC
GetClassNameW
DrawIconEx
LoadIconW
GetSysColorBrush
GetActiveWindow
FrameRect
DrawTextExW
GetClassNameA
IsZoomed
GetKeyState
FindWindowW
UnregisterHotKey
CopyRect
DispatchMessageW
TranslateMessage
SetActiveWindow
PostQuitMessage
DialogBoxIndirectParamW
EndDialog
ShowWindow
PostThreadMessageW
EnableWindow
SetCursor
GetWindowRect
GetWindowTextW
GetWindowLongW
InvalidateRect
RegisterClassExW
GetDC
GetClassInfoExW
BeginPaint
SetFocus
CreateAcceleratorTableW
GetClientRect
IsWindowEnabled
LoadCursorW
InvalidateRgn
GetParent
GetFocus
PostMessageW
UnregisterClassW
SetCapture
IsChild
FillRect
RegisterWindowMessageW
CharNextW
ScreenToClient
GetShellWindow
DestroyAcceleratorTable
GetWindowTextLengthW
DestroyWindow
ClientToScreen
EndPaint
UpdateWindow
GetSystemMetrics
InflateRect
DrawFocusRect
GetCapture
PtInRect
FindWindowA
RegisterHotKey
IsWindow
DrawEdge
DrawTextW
gdi32
GetTextMetricsW
SetBkColor
GetTextExtentPoint32W
CreateRoundRectRgn
RoundRect
CreateDIBSection
SetDIBColorTable
SetTextColor
StretchBlt
SetBkMode
CreateFontW
BitBlt
GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetStockObject
DeleteDC
CreateSolidBrush
advapi32
RegCreateKeyW
OpenProcessToken
RegOpenKeyW
LookupPrivilegeValueW
RegOpenKeyExW
AdjustTokenPrivileges
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
shell32
SHGetSpecialFolderPathW
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHChangeNotify
ole32
CoCreateInstance
CoMarshalInterface
GetHGlobalFromStream
CoTaskMemRealloc
CoUnmarshalInterface
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
OleUninitialize
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
StringFromCLSID
CLSIDFromProgID
OleLockRunning
oleaut32
VariantCopy
VarUI4FromStr
LoadRegTypeLi
SysFreeString
OleCreateFontIndirect
SysAllocStringLen
VariantInit
LoadTypeLi
VariantClear
SysStringLen
DispCallFunc
SysAllocString
shlwapi
PathFileExistsW
StrRChrW
comctl32
_TrackMouseEvent
ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Draw
gdiplus
GdipGetFontStyle
GdipAddPathString
GdipGetFontSize
GdipGetPathWorldBounds
GdipGetImageWidth
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipDrawImageI
GdipLoadImageFromStreamICM
GdipCreateLineBrushI
GdipDrawImageRect
GdipFillRectangleI
GdipSetSmoothingMode
GdipCreatePath
GdipCloneStringFormat
GdipDeletePath
GdipGetFamily
GdipSetTextRenderingHint
GdipDrawImagePointRectI
GdipDrawImageRectRect
GdiplusShutdown
GdiplusStartup
GdipBitmapLockBits
GdipSaveImageToFile
GdipGetImagePaletteSize
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImageHeight
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneImage
GdipCreateFontFamilyFromName
GdipDrawString
GdipCreateFont
GdipDisposeImage
GdipAlloc
GdipCreateSolidFill
GdipDeleteFontFamily
GdipLoadImageFromFileICM
GdipSetStringFormatAlign
GdipLoadImageFromFile
GdipDeleteFont
GdipSetStringFormatLineAlign
GdipCloneBrush
GdipFree
GdipDeleteBrush
GdipSetStringFormatFlags
GdipReleaseDC
GdipCreateFromHDC
GdipDrawImageRectI
GdipSetStringFormatTrimming
urlmon
URLDownloadToFileW
iphlpapi
GetAdaptersInfo
psapi
EmptyWorkingSet
GetProcessMemoryInfo
wininet
HttpOpenRequestW
InternetSetCookieExA
HttpOpenRequestA
InternetConnectW
InternetSetCookieExW
InternetConnectA
InternetSetCookieW
InternetCloseHandle
InternetSetCookieA
FindFirstUrlCacheEntryW
InternetGetConnectedState
HttpQueryInfoW
InternetReadFile
FindNextUrlCacheEntryW
InternetOpenUrlW
DeleteUrlCacheEntryW
InternetOpenW
HttpSendRequestW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
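The import list above is the most informative part of a static report, but it is long and mixes program logic with CRT boilerplate. The script below is an added example written for this page (this editor's own code, not part of the sandbox report or of the analysed file) that turns such a list into a capability summary. The names in REPORTED_IMPORTS are copied verbatim from the kernel32, advapi32, urlmon, wininet, user32 and iphlpapi entries listed above; the capability buckets, the complete/partial/absent scoring and the CRT-noise list are assumptions chosen for illustration. It makes two things visible that are easy to miss in the raw list: the file imports process enumeration, thread-context manipulation, HTTP download, registry-write and token-privilege APIs, but none of WriteProcessMemory, VirtualAllocEx or CreateRemoteThread, so the classic remote-injection chain is not evidenced by the static import table; and, because LoadLibraryW and GetProcAddress are imported, any API can still be resolved at run time, so absence here is not proof of absence.

```python
"""Import-table capability triage (added example, not the sandbox's code).

Maps the API names a PE imports onto coarse capability buckets so an analyst
sees what the sample could do, and which well-known API combinations are
incomplete. REPORTED_IMPORTS is a subset copied from the report's Imports
section; the bucket definitions and CRT_NOISE are this example's assumptions.
"""

# Exact names as they appear in the report above, keyed by DLL.
REPORTED_IMPORTS = {
    "kernel32": {
        "CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW",
        "OpenProcess", "CreateProcessW", "SuspendThread", "GetThreadContext",
        "SetThreadContext", "ResumeThread", "VirtualAlloc", "VirtualProtect",
        "FlushInstructionCache", "LoadLibraryW", "GetProcAddress",
        "IsDebuggerPresent", "GetStartupInfoW", "TlsAlloc", "GetTempPathW",
    },
    "advapi32": {
        "OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges",
        "RegCreateKeyW", "RegSetValueExW", "RegDeleteValueW",
    },
    "urlmon": {"URLDownloadToFileW"},
    "wininet": {"InternetOpenW", "InternetConnectW", "HttpOpenRequestW",
                "HttpSendRequestW", "InternetReadFile"},
    "user32": {"GetAsyncKeyState", "GetKeyState", "FindWindowW"},
    "iphlpapi": {"GetAdaptersInfo"},
}

# Capability buckets (assumed groupings). A bucket is "complete" only when
# every (dll, api) pair in it is imported.
CAPABILITIES = {
    "process enumeration": {
        ("kernel32", "CreateToolhelp32Snapshot"),
        ("kernel32", "Process32FirstW"), ("kernel32", "Process32NextW")},
    "thread context manipulation": {
        ("kernel32", "SuspendThread"), ("kernel32", "GetThreadContext"),
        ("kernel32", "SetThreadContext"), ("kernel32", "ResumeThread")},
    "remote memory write (classic injection/hollowing)": {
        ("kernel32", "VirtualAllocEx"), ("kernel32", "WriteProcessMemory"),
        ("kernel32", "CreateRemoteThread")},
    "http download to file": {("urlmon", "URLDownloadToFileW")},
    "raw http client": {
        ("wininet", "InternetOpenW"), ("wininet", "InternetConnectW"),
        ("wininet", "HttpOpenRequestW"), ("wininet", "HttpSendRequestW"),
        ("wininet", "InternetReadFile")},
    "registry write": {("advapi32", "RegCreateKeyW"), ("advapi32", "RegSetValueExW")},
    "token privilege adjustment": {
        ("advapi32", "OpenProcessToken"), ("advapi32", "LookupPrivilegeValueW"),
        ("advapi32", "AdjustTokenPrivileges")},
    "dynamic API resolution": {("kernel32", "LoadLibraryW"), ("kernel32", "GetProcAddress")},
    "keyboard state polling": {("user32", "GetAsyncKeyState")},
    "adapter/MAC enumeration": {("iphlpapi", "GetAdaptersInfo")},
}

# Pulled in by the MSVC CRT start-up code; on their own they carry no intent.
CRT_NOISE = {"IsDebuggerPresent", "GetStartupInfoW", "TlsAlloc", "TlsFree",
             "TlsGetValue", "TlsSetValue", "SetUnhandledExceptionFilter",
             "UnhandledExceptionFilter", "QueryPerformanceCounter",
             "GetSystemTimeAsFileTime", "IsProcessorFeaturePresent"}


def flatten(imports):
    """{dll: {api, ...}} -> set of (dll, api) with lower-cased DLL names."""
    return {(dll.lower(), api) for dll, apis in imports.items() for api in apis}


def triage(imports):
    """Return {capability: (status, present, missing)}; status is
    'complete', 'partial' or 'absent'."""
    have = flatten(imports)
    result = {}
    for name, needed in CAPABILITIES.items():
        present, missing = needed & have, needed - have
        status = "complete" if not missing else ("absent" if not present else "partial")
        result[name] = (status, present, missing)
    return result


def noise_only(imports):
    """Imported names that are CRT boilerplate rather than program logic."""
    return {api for _, api in flatten(imports) if api in CRT_NOISE}


def report(imports):
    """Human-readable summary; absent buckets are listed so gaps are explicit."""
    lines = []
    for name, (status, present, missing) in sorted(triage(imports).items()):
        lines.append(f"{status:8} {name}")
        if present and missing:
            lines.append("         missing: " + ", ".join(sorted(a for _, a in missing)))
    noise = noise_only(imports)
    if noise:
        lines.append("ignored as CRT noise: " + ", ".join(sorted(noise)))
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(REPORTED_IMPORTS))
```

To run it against a real sample, build the dict from a PE parser's import table (the names only) and pass it to triage(); the buckets are deliberately conservative and should be extended to match the analyst's own hypotheses rather than treated as a detection rule.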
Sections
.text   Size: 705KB - Virtual size: 705KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 414KB - Virtual size: 414KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 80KB - Virtual size: 92KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.1MB - Virtual size: 1.1MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 68KB - Virtual size: 67KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
Reading: five sections in the usual MSVC order, no section mapped both writable and executable, and raw sizes that match virtual sizes to within file alignment (the .data gap is its zero-initialised tail), so none of the usual packer tells are present. .rsrc is the largest section at 1.1MB of a 2.3MB file, which fits the resource-loading imports (FindResourceW, LoadResource, LockResource, SizeofResource) and the GDI+ image imports above; a resource payload that large is worth extracting and hashing on its own.
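The header, Unsigned PE and section findings in this report can be re-derived with a few dozen lines of standard-library Python. The following is an added example written for this page, not code from the sandbox or from the analysed file: it parses the PE32 headers, decodes the same IMAGE_* flags, treats an empty Security data directory as "unsigned" (which is what the Unsigned PE signature checks) and flags any section mapped both writable and executable. Because the original file is not included here, build_sample_pe() constructs a stub PE32 with the same flag combination and invented sizes so the script runs offline; pass a real file path on the command line to analyse that instead.

```python
"""Minimal PE32 header reader, standard library only (added example).

Not part of the sandbox report or the analysed file. Re-derives the header
findings above (DLL characteristics, file characteristics, section table and
the "Unsigned PE" check, which is just an empty Security data directory) from
raw bytes. The IMAGE_* bit values are the documented Windows constants.
build_sample_pe() assembles a synthetic PE32 image in memory; its sizes are
invented and only the flag combination mirrors the report.
"""
import struct

DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",         # ASLR opt-in
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",            # DEP opt-in
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Authenticode certificate table


def _flags(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Decode the COFF header, PE32 optional header and section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled here; PE32+ lays the optional header out differently")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    sec_rva, sec_size = (struct.unpack_from("<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
                         if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY else (0, 0))
    sections = []
    for i in range(nsec):
        name, vsize, _, raw, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "raw_size": raw, "flags": _flags(chars, SECTION_CHARACTERISTICS)})
    return {
        "is_32bit": machine == 0x14C,
        "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
        # The sandbox's "Unsigned PE" signature reduces to this test.
        "has_authenticode": sec_rva != 0 and sec_size != 0,
        "sections": sections,
    }


def writable_executable_sections(info):
    """Sections mapped RWX: absent in a normal MSVC build, common in packed samples."""
    return [s["name"] for s in info["sections"]
            if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]]


def build_sample_pe(signed=False):
    """Constructed PE32 stub with the flag combination the report shows (sizes invented)."""
    e_lfanew, opt_size = 0x40, 224
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, opt_size, 0x0002 | 0x0100)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                      # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                         # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)  # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    if signed:  # point the Security directory at a fictional certificate table
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x3000, 0x800)
    secs = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x1000, 0x400, 0, 0, 0, 0, 0x60000020)
    secs += struct.pack("<8sIIIIIIHHI", b".data", 0x1700, 0x2000, 0x1400, 0x1400, 0, 0, 0, 0, 0xC0000040)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    info = parse_pe(blob)
    print("DLL characteristics:", ", ".join(info["dll_characteristics"]))
    print("Authenticode present:", info["has_authenticode"], " RWX sections:", writable_executable_sections(info))
    for s in info["sections"]:
        print(f'{s["name"]:8} raw={s["raw_size"]:#x} virt={s["virtual_size"]:#x} {" | ".join(s["flags"])}')
```

has_authenticode only says that a certificate table is present; whether the signature is intact and chains to a trusted root is a separate check (signtool verify or PowerShell's Get-AuthenticodeSignature). Further flag names, for instance IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA for PE32+, can be added to the lookup tables as needed.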