GameLauncher[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

GameLauncher.exe
Size

6.5MB
MD5

cb9d8fcd5d906919b112001d4e5cc8f1
SHA1

c088ae04a792187aed0c41594d78daa0ad35f510
SHA256

d931ce297a55d2bce8f91f2e5b300c079034735283144ed8358eb06a49967ac2
SHA512

4feb3ba4ebad253832e5259971d59af0dcba7d3ff7a453960f2874ca7593407ca04054127215aa57a65fa87174a0f2b0c384a329b319573e3102379a4eae7a97
SSDEEP

49152:GT7HSh6CUjW3N8utpyTvsPw9Nn4LPHW61A+/1dWA9kKqjtS2dcaZhFRbuuu9utJS:/gjSkmwQLrb2dTbuuu9utJv4xXpjGCJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GameLauncher.exe

Files

GameLauncher.exe
.exe windows:6 windows x64 arch:x64

254cb3758d6e580cfc86c4061427648d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

GameLauncher.pdb

Imports

api-ms-win-core-synch-l1-2-0

WaitOnAddress
WakeByAddressAll
WakeByAddressSingle

bcryptprimitives

ProcessPrng

dwmapi

DwmEnableBlurBehindWindow
DwmExtendFrameIntoClientArea

user32

CreateIcon
PostQuitMessage
AppendMenuW
CreatePopupMenu
CreateMenu
PeekMessageW
SetWindowPlacement
SetMenuItemInfoW
GetWindowPlacement
SetWindowPos
InvalidateRgn
ToUnicodeEx
CheckMenuItem
SendInput
RegisterWindowMessageA
RegisterClassExW
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
IsProcessDPIAware
GetDC
IsWindowVisible
AdjustWindowRectEx
GetWindowRect
DestroyIcon
GetKeyboardLayout
LoadCursorW
SetCursor
RegisterClassW
GetMessageA
IsWindow
ChangeDisplaySettingsExW
ScreenToClient
SystemParametersInfoA
DestroyAcceleratorTable
GetWindowLongW
GetClientRect
CreateAcceleratorTableW
FlashWindowEx
TrackPopupMenu
ClientToScreen
SetForegroundWindow
DispatchMessageA
DefWindowProcW
MonitorFromRect
RedrawWindow
TrackMouseEvent
DestroyWindow
GetTouchInputInfo
VkKeyScanW
MapVirtualKeyExW
GetKeyState
GetAsyncKeyState
GetKeyboardState
GetWindowLongPtrW
SetWindowDisplayAffinity
GetMenu
ShowCursor
ClipCursor
GetClipCursor
SetWindowLongW
SendMessageW
EnableMenuItem
GetSystemMenu
ShowWindow
GetRawInputData
MonitorFromPoint
EnumDisplayMonitors
SetCapture
SetWindowLongPtrW
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
PostThreadMessageW
DispatchMessageW
EnumChildWindows
TranslateMessage
TranslateAcceleratorW
GetAncestor
GetMessageW
GetForegroundWindow
SetCursorPos
ReleaseCapture
IsIconic
GetActiveWindow
SetMenu
MapVirtualKeyW
CreateWindowExW
RegisterTouchWindow
GetSystemMetrics
GetUpdateRect
ValidateRect
GetMonitorInfoW
MonitorFromWindow
GetCursorPos
CloseTouchInputHandle
PostMessageW

kernel32

IsProcessorFeaturePresent
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
GetSystemTimeAsFileTime
GetModuleHandleW
RaiseException
EncodePointer
LCIDToLocaleName
SleepConditionVariableSRW
SetUnhandledExceptionFilter
WakeAllConditionVariable
AcquireSRWLockExclusive
CreateMutexA
WaitForSingleObjectEx
GetTempPathW
CreateThread
WideCharToMultiByte
WriteConsoleW
MultiByteToWideChar
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
GetUserDefaultUILanguage
ReleaseSRWLockExclusive
GetWindowsDirectoryW
GetSystemDirectoryW
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetFullPathNameW
ReadFileEx
CreateNamedPipeW
ExitProcess
SetEnvironmentVariableW
GetFinalPathNameByHandleW
LoadLibraryA
FindFirstFileW
CreateDirectoryW
GetFileInformationByHandleEx
GetFileAttributesW
GetModuleFileNameW
GetLastError
OutputDebugStringA
OutputDebugStringW
GetCurrentThreadId
TlsGetValue
CloseHandle
TlsSetValue
LoadLibraryExW
GetProcAddress
CreateProcessW
DeleteCriticalSection
LoadLibraryW
FreeLibrary
GetEnvironmentVariableW
CreateFileW
GetProcessHeap
HeapFree
FindClose
FormatMessageW
ReleaseMutex
HeapReAlloc
HeapAlloc
WaitForSingleObject
QueryPerformanceFrequency
Sleep
GetModuleHandleA
lstrlenW
InitializeCriticalSectionAndSpinCount
GetFileInformationByHandle
GetConsoleMode
FreeEnvironmentStringsW
DeleteProcThreadAttributeList
CompareStringOrdinal
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetCurrentThread
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
QueryPerformanceCounter
GetSystemInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetCommandLineW
SetFileInformationByHandle
GetCurrentProcess
DuplicateHandle
TerminateProcess
SleepEx
WriteFileEx
GetCurrentProcessId
GetStdHandle
TlsFree

comctl32

DefSubclassProc
SetWindowSubclass
RemoveWindowSubclass

ole32

OleInitialize
RegisterDragDrop
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
CreateStreamOnHGlobal
CoCreateInstance

shell32

DragQueryFileW
SHAppBarMessage
DragFinish
SHGetKnownFolderPath
ShellExecuteW
Shell_NotifyIconW
Shell_NotifyIconGetRect

gdi32

CreateRectRgn
GetDeviceCaps
DeleteObject

uxtheme

SetWindowTheme

advapi32

SystemFunction036
RegGetValueW
EventRegister
EventSetInformation
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
EventUnregister
EventWriteTransfer

oleaut32

SetErrorInfo
SysFreeString
SysStringLen
GetErrorInfo

ntdll

NtWriteFile
RtlNtStatusToDosError

bcrypt

BCryptGenRandom

api-ms-win-crt-math-l1-1-0

__setusermatherr
floor
trunc
round
pow

api-ms-win-crt-string-l1-1-0

_wcsicmp
strcpy_s
wcsncmp
wcslen

api-ms-win-crt-convert-l1-1-0

_ultow_s
wcstol

api-ms-win-crt-runtime-l1-1-0

exit
_exit
_initterm
_get_initial_narrow_environment
_c_exit
_initialize_narrow_environment
_initialize_onexit_table
_initterm_e
_register_onexit_function
_configure_narrow_argv
_crt_atexit
_set_app_type
terminate
abort
_seh_filter_exe
__p___argc
__p___argv
_cexit
_register_thread_local_exe_atexit_callback

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
calloc
_callnewh
malloc

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

254cb3758d6e580cfc86c4061427648d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-core-synch-l1-2-0

bcryptprimitives

dwmapi

user32

kernel32

comctl32

ole32

shell32

gdi32

uxtheme

advapi32

oleaut32

ntdll

bcrypt

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 1KB - Virtual size: 12KB

.pdata Size: 165KB - Virtual size: 165KB

.rsrc Size: 86KB - Virtual size: 85KB

.reloc Size: 32KB - Virtual size: 32KB

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 1KB - Virtual size: 12KB

.pdata
Size: 165KB - Virtual size: 165KB

.rsrc
Size: 86KB - Virtual size: 85KB

.reloc
Size: 32KB - Virtual size: 32KB