GoogleRepairTools[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

GoogleRepairTools.exe
Size

1.4MB
MD5

f98058596f3d8fe8c325bf385042ffd1
SHA1

922b1b4f4ecbbbcae5c4bd54eadca40f1262592d
SHA256

ddfe63357ce67f478b6bb85ca2d064fa4d137c065afdbe3b5be7c7e98796cfad
SHA512

6ece82dce56027c0052594e32d458ee13704652c87e210de80e242767f89d6284cc206bfe6d29da93d8b16c1bcfceab4392e0ed1acefc464fb9c782fed20eaa2
SSDEEP

24576:fMudyAKQCeyJjgPdJIZ/TPJn8+zzzG4UHvfAncx7REF6qbhKN4ej9:fMuofQCDHMAO4UPfAIR4U4ej9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GoogleRepairTools.exe

Files

GoogleRepairTools.exe
.exe windows x86

ec28d6434b2981fc7b98879c3d8f019d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetCurrentProcess
GetFullPathNameW
CreateFileW
SetErrorMode
SystemTimeToFileTime
GetFileAttributesW
MoveFileA
GetSystemTimeAsFileTime
RtlUnwind
ExitThread
CreateThread
RaiseException
HeapSize
HeapReAlloc
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetCPInfo
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
TryEnterCriticalSection
AreFileApisANSI
CreateFileMappingA
CreateFileMappingW
CreateMutexW
DeleteFileA
FormatMessageA
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFileAttributesExW
GetFullPathNameA
GetSystemInfo
HeapValidate
HeapCompact
LockFileEx
MapViewOfFile
UnlockFileEx
UnmapViewOfFile
WaitForSingleObjectEx
OutputDebugStringA
OutputDebugStringW
InterlockedCompareExchange
FlushViewOfFile
InterlockedIncrement
FormatMessageW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalFree
LocalAlloc
WritePrivateProfileStringW
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFindAtomW
GetVersionExW
CompareStringW
GetVersionExA
GlobalFree
FreeResource
GlobalUnlock
MulDiv
GetModuleHandleA
WaitForSingleObject
GlobalAddAtomW
GetCurrentProcessId
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
WaitForDebugEvent
ContinueDebugEvent
GetStartupInfoW
TerminateProcess
CreateEventW
SetLastError
GetProcessHeap
HeapFree
HeapAlloc
InterlockedDecrement
LocalFileTimeToFileTime
SetFileAttributesA
GetFileAttributesA
SetFileTime
DosDateTimeToFileTime
LoadLibraryW
lstrcpyA
SetFileAttributesW
lstrcpyW
GetSystemTime
GetTempPathA
DeleteFileW
CloseHandle
lstrcatW
VirtualQuery
lstrcmpiW
LoadLibraryA
GetProcAddress
GetLastError
GetTempPathW
lstrlenW
MultiByteToWideChar
GetACP
lstrcatA
ReadFile
Sleep
WideCharToMultiByte
GetTickCount
GetModuleHandleW
lstrlenA
SetFilePointer
GetFileSize
ExitProcess
VirtualAlloc
IsDebuggerPresent
VirtualFree

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

oleaut32

VariantInit
VariantChangeType
VariantClear

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

gdi32

DeleteObject
GetObjectW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetDeviceCaps
SetMapMode
GetClipBox
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetStockObject
CreateBitmap

oleacc

CreateStdAccessibleObject
LresultFromObject

user32

SetForegroundWindow
GetSubMenu
GetMenuItemCount
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
PtInRect
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowTextW
SetWindowPos
SetFocus
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
RemovePropW
SendDlgItemMessageW
GetDlgItem
GetWindow
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
MoveWindow
DefWindowProcW
UpdateWindow
CreateWindowExW
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
SetCursor
PostMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
ShowWindow
LoadIconW
RegisterClassExW
BeginPaint
LoadCursorW
PostQuitMessage
EndPaint
EnableWindow
SendMessageW
GetSystemMetrics
GetClientRect
DrawIcon
IsIconic
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetParent
GetFocus
GetPropW
SetPropW
GetClassNameW
GetClassLongW
DestroyMenu
UnregisterClassW
GetSysColorBrush
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsDialogMessageW
GetCapture
GetMenuItemID

shlwapi

PathFindFileNameW
PathFindExtensionW

Sections

.text
Size: 686KB - Virtual size: 686KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 568KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec28d6434b2981fc7b98879c3d8f019d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

oleaut32

advapi32

gdi32

oleacc

user32

shlwapi

Sections

.text Size: 686KB - Virtual size: 686KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 568KB - Virtual size: 586KB

.rsrc Size: 46KB - Virtual size: 45KB

.text
Size: 686KB - Virtual size: 686KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 568KB - Virtual size: 586KB

.rsrc
Size: 46KB - Virtual size: 45KB