launcher[.]com

Sharing

Copy URL Twitter E-mail

General

Target

launcher.com
Size

7.0MB
MD5

dccbbc3906c956189b0cdaa44089544e
SHA1

45a368f4625145799bd26c2d2cd4bd1c0fe03d78
SHA256

e2f2f30d844bcc962fa8af6e666c6e0fe16feb7a97b648e9d2ead270e8bf5309
SHA512

f3f7528f19d2e1d6b176a33a19f99bcc4682bd3d4d152ad5c7472fc4edc194c8de391a8238b89494efbcc8f7d402e15558064418b6ca5ffe0e3491ccd1ddb58c
SSDEEP

98304:3+492DQi9RGTr3kenkVwWjZQ6U92W8KAcm9e4sIl/k9qo9ZHrjY3OqpKs9C6q:3Ici9ITjkYfwZJU3gcRqdcZ9Ozjq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
launcher.com

Files

launcher.com
.exe windows:6 windows x64 arch:x64

3cf2fd745358e0af2f7028c4cf3ceae8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

winmm

timeGetDevCaps

ws2_32

setsockopt
htonl
getsockopt
WSARecv
FreeAddrInfoW
WSACleanup
recv
send
WSASetLastError
WSAIoctl
closesocket
WSAGetLastError
WSASend
shutdown
WSASocketW
WSAStartup
getsockname
socket
connect
GetAddrInfoW
bind

ntdll

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlNtStatusToDosError
RtlPcToFileHeader

ncrypt

BCryptGenRandom
NCryptGetProperty
NCryptFreeObject

crypt32

CryptAcquireCertificatePrivateKey
CertGetCertificateChain
CertFreeCertificateContext
CertGetNameStringA
CertGetCertificateContextProperty
CertFindCertificateInStore
CertCreateContext
CertCreateCertificateChainEngine
CertVerifyCertificateChainPolicy
CertOpenStore
CertFreeCertificateChain
CertSetCertificateContextProperty
PFXExportCertStoreEx
CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateChainEngine

iphlpapi

GetCurrentThreadCompartmentId
SetCurrentThreadCompartmentId

gdiplus

GdipCreateFromHDC
GdipFillEllipseI
GdipCreateBitmapFromGraphics
GdipSetTextRenderingHint
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipGetImageGraphicsContext
GdipFillRectangleI
GdipGetFontCollectionFamilyCount
GdipDeleteGraphics
GdipDrawString
GdipDeleteFont
GdipGetImageWidth
GdipDeletePen
GdipDrawImageI
GdipCreatePen1
GdipNewPrivateFontCollection
GdipDeletePrivateFontCollection
GdipDrawArcI
GdipDrawLineI
GdipSetStringFormatFlags
GdipGetFontHeight
GdipLoadImageFromStream
GdiplusStartup
GdiplusShutdown
GdipImageSelectActiveFrame
GdipSetClipRectI
GdipSetSolidFillColor
GdipDrawBezierI
GdipCreateFromHWND
GdipSetPenWidth
GdipGraphicsClear
GdipFillPieI
GdipCreateSolidFill
GdipCreateFont
GdipSetSmoothingMode
GdipDisposeImage
GdipGetFontCollectionFamilyList
GdipDrawImageRectI
GdipDrawEllipseI
GdipDeleteBrush
GdipDrawPolygonI
GdipSetPenColor
GdipDrawPieI
GdipDrawRectangleI
GdipFillPolygonI
GdipGetImageHeight
GdipDeleteStringFormat
GdipPrivateAddMemoryFont

shlwapi

ord12

user32

GetKeyState
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetMessageW
DefWindowProcW
PostMessageW
SetProcessDpiAwarenessContext
DestroyWindow
SetWindowPos
GetDpiForWindow
IsWindow
ScreenToClient
UnregisterClassW
ShowWindow
DispatchMessageW
SetTimer
PeekMessageW
RegisterClassW
TrackMouseEvent
TranslateMessage
LoadCursorA
LoadIconA
KillTimer
PostQuitMessage
SystemParametersInfoW
CreateWindowExW

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

kernel32

GetDriveTypeW
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameW
FlsGetValue
GetDateFormatW
GetTimeFormatW
CompareStringW
FreeLibraryAndExitThread
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
SetStdHandle
GetModuleHandleExW
ExitProcess
LCMapStringW
ReadFile
ExitThread
HeapReAlloc
OutputDebugStringW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
LCMapStringEx
GetLocaleInfoEx
IsValidCodePage
EncodePointer
SleepConditionVariableSRW
GetExitCodeThread
SwitchToThread
WaitForSingleObjectEx
TryAcquireSRWLockExclusive
FormatMessageA
LoadLibraryExW
AreFileApisANSI
GetFullPathNameW
GetFileInformationByHandle
GetACP
GetOEMCP
GetCurrentDirectoryW
CreateFileW
FindFirstFileExW
RaiseException
GetTimeZoneInformation
VirtualQuery
FlsAlloc
FlsFree
GetSystemInfo
GetNumaNodeProcessorMask
FlsSetValue
GetLargePageMinimum
VirtualAlloc
GetCurrentProcess
VirtualFree
GetNumaHighestNodeNumber
GetCurrentProcessId
WriteFile
GetFileType
GetEnvironmentVariableW
GetStdHandle
WideCharToMultiByte
FindNextFileW
FindFirstFileW
FindClose
TlsFree
TlsSetValue
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
WriteConsoleW
SetEndOfFile
LocalFree
SetPriorityClass
WaitForSingleObject
SetEvent
CloseHandle
CreateEventA
InitializeCriticalSectionEx
GetLastError
DecodePointer
DeleteCriticalSection
MultiByteToWideChar
EnterCriticalSection
WakeAllConditionVariable
WakeConditionVariable
LeaveCriticalSection
InitializeCriticalSection
TlsGetValue
GetCurrentProcessorNumberEx
GetSystemTimeAdjustment
GetActiveProcessorCount
GetModuleHandleW
GetSystemTimeAsFileTime
QueryPerformanceCounter
InitializeSListHead
InterlockedPopEntrySList
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
InterlockedPushEntrySList
QueryDepthSList
GetCurrentThreadId
ResetEvent
SetThreadPriority
CreateThread
SetThreadIdealProcessor
SetThreadGroupAffinity
HeapCreate
HeapFree
GetLogicalProcessorInformationEx
QueryPerformanceFrequency
HeapAlloc
HeapDestroy
GlobalMemoryStatusEx
CancelIo
PostQueuedCompletionStatus
LoadLibraryA
CancelIoEx
GetQueuedCompletionStatusEx
GetCurrentProcessorNumber
GetProcAddress
FreeLibrary
CreateIoCompletionPort
SetFileCompletionNotificationModes
Sleep
SetLastError
GetSystemTime
SystemTimeToFileTime
InitializeCriticalSectionAndSpinCount
TlsAlloc

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 612KB - Virtual size: 847KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mOM
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s,{
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.`H+
Size: 506KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cf2fd745358e0af2f7028c4cf3ceae8

Headers

DLL Characteristics

File Characteristics

Imports

winmm

ws2_32

ntdll

ncrypt

crypt32

iphlpapi

gdiplus

shlwapi

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 612KB - Virtual size: 847KB

.pdata Size: 93KB - Virtual size: 92KB

.mOM Size: 1.4MB - Virtual size: 1.4MB

.s,{ Size: 2KB - Virtual size: 2KB

.`H+ Size: 506KB - Virtual size: 506KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 612KB - Virtual size: 847KB

.pdata
Size: 93KB - Virtual size: 92KB

.mOM
Size: 1.4MB - Virtual size: 1.4MB

.s,{
Size: 2KB - Virtual size: 2KB

.`H+
Size: 506KB - Virtual size: 506KB

.rsrc
Size: 512B - Virtual size: 480B