Launcher.exe
First submission 2024-09-02 23:34:02
Last submission 2024-09-03 00:19:01
File details
File type: | PE32+ executable (console) x86-64, for MS Windows |
Mime type: | application/x-dosexec |
File size: | 22.0 KB (22528 bytes) |
Compile time: | 2024-05-24 11:18:39 |
MD5: | 1788ecdad15cd02d42475133faa38cce |
SHA1: | 038fae4de854b4fee5eec2a309c05587e6caaf31 |
SHA256: | fed7c9c13dfcf26d6abf8231857a66b3676e79829975b8fe43ee9e4dd4c4235e |
Import Hash: | 2c2c290b31d72b5de180c9426897666e |
Sections 6 | .text .rdata .data .pdata .rsrc .reloc |
Directories 4 | import resource debug relocation |
File features detected
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: | 57/79 VT report date: 2024-09-02 23:02:08 |
Malware Type 1 | trojan |
Threat Type 3 | shellcoderunner tedy dhhal |
URLs, FQDN and IP indicators 2
PE Sections 0 suspicious
Name | VAddress | VSize | Size | SHA1 | MD5 | Suspicious |
---|---|---|---|---|---|---|
.text | 0x1000 | 0x28de | 10752 | e8a28f00410383d0b7f6970fc60cb7e195623383 | 96ee40999b0b6196058fb9ed05d9a7e8 | |
.rdata | 0x4000 | 0x1fdc | 8192 | ebaed83c23dd0269447ca137e12e45f8b3d14bb4 | 51f5021e9866a78c1b3ef6b16315c8f2 | |
.data | 0x6000 | 0x718 | 512 | 545cb838a3e195f55b77faeffaf6c5893e109129 | c088ed82a46101351cb358f6077ee94e | |
.pdata | 0x7000 | 0x2d0 | 1024 | 7088c84542b06d39612c77cc8565d05e89287206 | 0e210148756dba6505c544589d59bbd4 | |
.rsrc | 0x8000 | 0x1e8 | 512 | 3610a3599548b540ce1e7415ab3d1d9e494bfafc | aab75a50651b831a187cc100e6f72a34 | |
.reloc | 0x9000 | 0x58 | 512 | ca762f45fda1ba333144f8306d22d6dabd186a9c | 4e3e3cc825d221fff1632b8a663a4d93 | |
PE Resources 1
Name | Language | Sublanguage | Offset | Size | Data |
---|---|---|---|---|---|
RT_MANIFEST | LANG_ENGLISH | SUBLANG_ENGLISH_US | 0x8060 | 392 |
Packers detected 1
Microsoft Visual C++ 8.0 (DLL) |
Anti debug functions 6
FindWindowA |
GetLastError |
IsDebuggerPresent |
IsProcessorFeaturePresent |
TerminateProcess |
UnhandledExceptionFilter |
Strings analysis - File found
Library |
COMDLG32.dll |
Bypass.dll |
api-ms-win-crt-math-l1-1-0.dll |
Cheat.dll |
VCRUNTIME140_1.dll |
msvcp140.dll |
KERNEL32.dll |
api-ms-win-crt-locale-l1-1-0.dll |
vcruntime140.dll |
api-ms-win-crt-stdio-l1-1-0.dll |
api-ms-win-crt-heap-l1-1-0.dll |
USER32.dll |
api-ms-win-crt-string-l1-1-0.dll |
api-ms-win-crt-runtime-l1-1-0.dll |
SHLWAPI.dll |
Import functions
COMDLG32.dll 1
MSVCP140.dll 1
api-ms-win-crt-string-l1-1-0.dll 1
VCRUNTIME140_1.dll 1
api-ms-win-crt-runtime-l1-1-0.dll 20
KERNEL32.dll 37
api-ms-win-crt-math-l1-1-0.dll 1
VCRUNTIME140.dll 9
api-ms-win-crt-stdio-l1-1-0.dll 4
SHLWAPI.dll 1
api-ms-win-crt-locale-l1-1-0.dll 1
api-ms-win-crt-heap-l1-1-0.dll 4
USER32.dll 1
Name | Latest seen | MD5 |
---|---|---|
Launcher.exe | 2024-09-02 23:37:01 | 8e9d1161d84aa416108c23f8d457a633 |