Static task
static1
General
Target: gs.exe
Size: 444KB
MD5: 6106b5558c08462033906965f0197a03
SHA1: 47f514564ce21be95ddbef595054ebab52861a32
SHA256: 852fe36eb692282fef2e7e486abd5dc8a6d31064a52164d77da83cfdb766beb5
SHA512: 3fd3a037d2006dd5c5d6d4ddddbc72f99a6794d63c4b5327583561fdf3f20d71a5774de229690fc64989f3c064b1ad338761d2baa13a745965e216e68eab0f75
SSDEEP: 6144:EVueOg57kwGGd5Qo5nGD73dunu3nY0GRHAOjiV7shAORiV7DX:EVueOg9krGd5js3wnu3Y0GlAshGD
Malware Config
Signatures
Files
gs.exe.exe windows x86
740e38f16a4b6110bdb1ce025034eb0f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WaitForSingleObject
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
CreateThread
CreateProcessW
GetModuleHandleA
EscapeCommFunction
GetCommState
GetCommTimeouts
SetCommState
SetCommTimeouts
lstrcpyW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLastError
FreeLibrary
GetModuleFileNameA
GetProcAddress
FormatMessageA
LoadLibraryA
SetEnvironmentVariableA
GetStringTypeW
CreatePipe
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
OutputDebugStringW
WriteConsoleW
MoveFileExW
DeleteFileW
GetTimeZoneInformation
SetFilePointerEx
GetCurrentProcessId
QueryPerformanceCounter
FlushFileBuffers
HeapSize
GetCurrentDirectoryW
GetDriveTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
DuplicateHandle
CloseHandle
WriteFile
ReadFile
FindNextFileW
FindFirstFileW
CreateFileW
GetStdHandle
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
Sleep
GetFileAttributesExW
RemoveDirectoryW
EnumSystemLocalesW
CreateDirectoryW
LoadLibraryExW
GetCurrentThreadId
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameW
GetProcessHeap
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
SetEndOfFile
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTempPathA
CreateProcessA
HeapReAlloc
GetCommandLineW
RaiseException
GetFileType
SetStdHandle
GetFullPathNameW
AreFileApisANSI
GetModuleHandleExW
ExitProcess
DecodePointer
EncodePointer
RtlUnwind
HeapAlloc
HeapFree
IsProcessorFeaturePresent
IsDebuggerPresent
user32
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
GetSystemMetrics
MessageBoxW
GetWindowLongW
SetWindowLongW
LoadCursorA
LoadIconA
DrawIconEx
EnableWindow
SetTimer
ShowWindow
CreateWindowExW
CallWindowProcW
RegisterClassExW
PostQuitMessage
DefWindowProcW
SendMessageW
GetWindowTextW
SendMessageA
GetMessageA
DispatchMessageA
TranslateMessage
gdi32
GetObjectA
SelectObject
Rectangle
GetStockObject
Ellipse
DeleteObject
CreateSolidBrush
CreatePen
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
Polyline
comdlg32
GetOpenFileNameW
shell32
SHGetFolderPathW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
SHBrowseForFolderW
ole32
CoInitializeSecurity
CoCreateInstance
CoInitializeEx
oleaut32
SysAllocString
VariantInit
VariantClear
SysFreeString
ws2_32
bind
closesocket
ioctlsocket
htonl
htons
inet_ntoa
listen
recv
accept
send
setsockopt
socket
gethostbyname
gethostname
connect
WSACleanup
select
WSAStartup
gdiplus
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipBitmapGetPixel
GdipFree
GdipAlloc
winmm
PlaySoundW
Sections
.text Size: 296KB - Virtual size: 295KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 242KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 736B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ