gunzr[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

gunzr.exe
Size

9.1MB
MD5

a30b269e31463aff41f91584fa2f0768
SHA1

5b3a3fd60a4ca54cae153ed99ed1f92d3dc27ade
SHA256

b4b398b87c1225f42213873f03f4d64773bbe58fb5b789860092f8b06d900e4e
SHA512

fb57f1e1f22dc5f6a1b23bc7cfa766fe7becc24510e70661c93a65ccdd4f28d97f0edf0081902edcdf80078d083bc1b44afbf38ce19756ca2cc86d9b6b53173a
SSDEEP

196608:3g2cFQMrQOnt0bZWELXB8zzCd6LdrOa16pVoD6okBY:Q2qQMrQutAZ/Lx+FrgpVoevy

Score

1^/10

Malware Config

Signatures

Files

gunzr.exe
.exe windows x86

5379496b205a5bed44e39179f766eb47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

fmod

_FSOUND_Sample_Free@4

kernel32

GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetFocus
CharUpperBuffW

gdi32

ScaleWindowExtEx

advapi32

OpenProcessToken

shell32

SHChangeNotify

ole32

CoUninitialize

shlwapi

PathSearchAndQualifyA

crypt32

CryptProtectData

iphlpapi

GetAdaptersInfo

imm32

ImmGetOpenStatus

d3dx9_43

D3DXVec2Normalize

winmm

timeEndPeriod

ws2_32

recvfrom

sensapi

IsNetworkAlive

psapi

GetMappedFileNameA

dbghelp

MiniDumpWriteDump

wininet

InternetConnectA

gdiplus

GdipStringFormatGetGenericTypographic

oleacc

CreateStdAccessibleObject

winspool.drv

OpenPrinterA

oleaut32

SysAllocString

odbc32

ord49

Sections

.text
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 26.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

. ij
Size: - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.<LP
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.x-,
Size: 8.7MB - Virtual size: 8.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5379496b205a5bed44e39179f766eb47

Headers

DLL Characteristics

File Characteristics

Imports

fmod

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

crypt32

iphlpapi

imm32

d3dx9_43

winmm

ws2_32

sensapi

psapi

dbghelp

wininet

gdiplus

oleacc

winspool.drv

oleaut32

odbc32

Sections

.text Size: - Virtual size: 2.7MB

.rdata Size: - Virtual size: 495KB

.data Size: - Virtual size: 26.1MB

_RDATA Size: - Virtual size: 9KB

. ij Size: - Virtual size: 5.0MB

.<LP Size: 3KB - Virtual size: 3KB

.x-, Size: 8.7MB - Virtual size: 8.7MB

.rsrc Size: 401KB - Virtual size: 400KB

.text
Size: - Virtual size: 2.7MB

.rdata
Size: - Virtual size: 495KB

.data
Size: - Virtual size: 26.1MB

_RDATA
Size: - Virtual size: 9KB

. ij
Size: - Virtual size: 5.0MB

.<LP
Size: 3KB - Virtual size: 3KB

.x-,
Size: 8.7MB - Virtual size: 8.7MB

.rsrc
Size: 401KB - Virtual size: 400KB