Static task: static1

| Behavioral task | Sample | Resource |
|---|---|---|
| behavioral1 | em.rar | win7-20240708-en |
| behavioral2 | em.rar | win10v2004-20240802-en |
| behavioral3 | Launcherkks.exe | win7-20240903-en |
| behavioral4 | Launcherkks.exe | win10v2004-20240802-en |
| behavioral5 | Launcherkks.pck | win7-20240903-en |
| behavioral6 | Launcherkks.pck | win10v2004-20240802-en |
| Target | em.rar |
|---|---|
| Size | 17.3MB |
| MD5 | b18017525805b6fea9e5115f0b0c71ce |
| SHA1 | 3f14138c59369a0e66ed16cfdefc06e39bb3f59f |
| SHA256 | 260f06f0c6c1544afcdd9a380a114489ebdd041b846b68703158e207b7c983d6 |
| SHA512 | 28a8227a769d89ef6984a374e0498e5d771f37ef29bdacfc68da5f449a4c336fbbac16e5174aff06ecf60a0b29cf5ede4c5883f0f248e996b994ad1ecb1f5cc1 |
| SSDEEP | 393216:1M5fWcqpKnHDBQ7jsW3z6Q1wL19Z6YVuFt6Fw0HPOHl1T590MZBxNyRLOb:qBqQnHDB8pYB/6YVuWa0vscMJNyRLOb |
Checks for missing Authenticode signature.

| resource |
|---|
| unpack001/Launcherkks.exe |
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
midiInClose
midiInStop
midiInOpen
midiInGetErrorTextA
midiInGetDevCapsA
midiInGetNumDevs
timeBeginPeriod
timeEndPeriod
midiInStart
GetCurrentThreadId
SetThreadPriority
SetPriorityClass
LoadLibraryW
GlobalSize
GlobalUnlock
GlobalLock
PowerCreateRequest
PowerSetRequest
PowerClearRequest
lstrlenW
CompareStringOrdinal
LCIDToLocaleName
GetLocaleInfoEx
LoadLibraryA
GetLocaleInfoW
FlushFileBuffers
WriteFile
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
IsDebuggerPresent
K32EnumProcessModules
K32GetModuleBaseNameA
K32GetModuleFileNameExA
K32GetModuleInformation
VirtualProtect
GetTimeZoneInformation
SystemTimeToFileTime
FormatMessageW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetEndOfFile
FreeLibraryAndExitThread
ExitThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
GetModuleHandleExW
ExitProcess
GetFileType
InitializeCriticalSectionAndSpinCount
RtlUnwind
InterlockedPushEntrySList
RtlUnwindEx
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetCPInfo
GetStringTypeW
LCMapStringEx
GetModuleHandleA
EncodePointer
InitializeCriticalSectionEx
InitOnceComplete
InitOnceBeginInitialize
AcquireSRWLockShared
ReleaseSRWLockShared
GetNativeSystemInfo
GetExitCodeThread
WaitForSingleObjectEx
RaiseException
RtlPcToFileHeader
SleepConditionVariableSRW
WakeConditionVariable
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SetLastError
CreateNamedPipeW
ConnectNamedPipe
SetFileAttributesW
CreateSymbolicLinkW
ReplaceFileW
MoveFileW
RemoveDirectoryW
GetVolumeInformationW
GetLogicalDrives
GetFinalPathNameByHandleW
GetDiskFreeSpaceExA
FindFirstFileExW
DeleteFileW
CreateDirectoryW
GetTickCount64
GetProcessHeap
HeapFree
HeapAlloc
CreateMutexA
ReleaseMutex
CreateEventA
ResetEvent
SetEvent
SleepConditionVariableCS
WakeAllConditionVariable
InitializeConditionVariable
SetThreadAffinityMask
SetThreadIdealProcessor
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateThread
SwitchToThread
GetSystemInfo
GetLargePageMinimum
VirtualFree
VirtualAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetFullPathNameW
GetModuleFileNameW
FreeLibrary
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetLocalTime
GetSystemTimeAsFileTime
GetSystemTime
OpenProcess
CreateProcessW
GetExitCodeProcess
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
Sleep
WaitForSingleObject
QueryPerformanceFrequency
QueryPerformanceCounter
CreatePipe
GetLastError
SetHandleInformation
OutputDebugStringA
GetFileAttributesW
FindNextFileW
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
HeapReAlloc
HeapSize
CloseHandle
OutputDebugStringW
ReadFile
GetShortPathNameW
GetLongPathNameW
GetFileSize
FindFirstFileW
FindClose
CreateFileW
CompareFileTime
SearchPathW
K32GetPerformanceInfo
SetConsoleOutputCP
SetConsoleCP
SetConsoleCtrlHandler
SetConsoleMode
AttachConsole
GetUserDefaultUILanguage
GetCurrentDirectoryW
GetCurrentThread
SetCurrentDirectoryW
SetEnvironmentVariableW
GetEnvironmentVariableW
SetStdHandle
GetStdHandle
WideCharToMultiByte
LocalFree
GlobalAlloc
GetCommandLineW
GetACP
MultiByteToWideChar
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
DecodePointer
GetCommandLineA
GetOEMCP
IsValidCodePage
HeapQueryInformation
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree
PropVariantClear
CoTaskMemAlloc
SysFreeString
SysAllocString
VariantInit
MessageBoxW
GetDCEx
ActivateKeyboardLayout
GetMenuItemRect
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
SetMenuInfo
TrackPopupMenuEx
RemoveMenu
GetMenuItemCount
DestroyMenu
CreatePopupMenu
PostMessageA
GetRawInputDeviceList
GetRawInputDeviceInfoA
RegisterRawInputDevices
GetRawInputData
IsProcessDPIAware
EnumDisplayMonitors
GetMonitorInfoW
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetDisplayConfigBufferSizes
EnumDisplaySettingsW
CreateIconIndirect
CreateIconFromResource
DestroyIcon
LoadIconA
LoadCursorA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowLongPtrW
SetWindowLongPtrA
GetWindowLongPtrW
GetWindowLongPtrA
OffsetRect
FillRect
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
SetCaretPos
DestroyCaret
CreateCaret
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetWindowRect
ToUnicodeEx
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetWindowRgn
GetUpdateRect
ReleaseDC
GetWindowDC
GetClientRect
GetDC
AllowSetForegroundWindow
SetForegroundWindow
GetForegroundWindow
DrawTextW
GetSystemMetrics
KillTimer
SetTimer
ReleaseCapture
SetCapture
MapVirtualKeyExA
MapVirtualKeyA
RegisterTouchWindow
CloseTouchInputHandle
GetTouchInputInfo
GetKeyboardState
GetAsyncKeyState
GetKeyState
SetFocus
IsClipboardFormatAvailable
EmptyClipboard
RegisterClipboardFormatA
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgItem
EndDialog
DialogBoxIndirectParamW
IsZoomed
IsIconic
IsWindowVisible
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
UnregisterClassW
RegisterClassW
GetDoubleClickTime
CallWindowProcW
DefWindowProcW
SendMessageW
SendMessageA
GetMessageExtraInfo
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
TrackMouseEvent
GetKeyboardLayout
GetKeyboardLayoutList
SelectObject
Rectangle
GetTextExtentPoint32W
GetStockObject
GetPixel
GetDIBits
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateCompatibleBitmap
CreateBitmap
BitBlt
CreateCompatibleDC
SetDIBitsToDevice
CreateDIBSection
CreatePolygonRgn
SetPixelFormat
SwapBuffers
ChoosePixelFormat
ord219
SHGetPropertyStoreForWindow
DragAcceptFiles
Shell_NotifyIconW
SHGetKnownFolderPath
SHFileOperationW
ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconGetRect
SetCurrentProcessExplicitAppUserModelID
DragQueryFileW
SHCreateItemFromParsingName
LookupPrivilegeValueW
GetSidSubAuthorityCount
GetTokenInformation
RegEnumValueW
AdjustTokenPrivileges
GetCurrentHwProfileA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegGetValueW
RegEnumKeyExW
OpenProcessToken
RegOpenKeyW
RegSetValueExW
GetSidSubAuthority
DirectInput8Create
ImmGetContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
BCryptGenRandom
CertCloseStore
CryptBinaryToStringA
CertOpenSystemStoreA
CertGetCertificateContextProperty
CertEnumCertificatesInStore
AvSetMmThreadCharacteristicsW
AvSetMmThreadPriority
DwmGetWindowAttribute
DwmSetWindowAttribute
DwmIsCompositionEnabled
DwmEnableBlurBehindWindow
DWriteCreateFactory
ImageRvaToVa
ImageDirectoryEntryToDataEx
ImageNtHeader
UnDecorateSymbolName
StackWalk64
SymSetOptions
ImageDirectoryEntryToData
SymCleanup
SymFunctionTableAccess64
SymGetModuleBase64
SymGetLineFromAddr64
SymInitialize
SymGetSymFromAddr64
SymLoadModule64
SymGetOptions
GetBestInterfaceEx
GetAdaptersAddresses
accept
__WSAFDIsSet
select
recv
listen
WSAGetLastError
socket
setsockopt
sendto
recvfrom
bind
inet_ntoa
WSAStartup
WSACleanup
connect
send
htonl
htons
ntohl
ntohs
closesocket
getsockname
ioctlsocket
freeaddrinfo
WSAConnect
inet_pton
getnameinfo
getaddrinfo
NtQueryInformationFile
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ