VisualGPSInstall[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

VisualGPSInstall.exe
Size

1.7MB
MD5

f5fb00a35f97233b884c8f88fa9333d0
SHA1

e1863b18109fc076efe98eae0fd08121ffcbb5cc
SHA256

ed304599de049494bbfbd9ea6393c2fa1f8d6af241f020ad5f7cebf6a4ab1879
SHA512

8ef9c45f30a23b1353e923ff4b91e8a9f31d5844c326fc7d3f606883cf13492108fc4f62df46177346f4225146e5369df5d4144837dd6246a63db88ce18f48b3
SSDEEP

49152:eyFqzVZ4joBYYTAXM9cIiyFcv5DsCKWu0nnGnA:eKqzVJBYYTAoxFcv5wCzuQn/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VisualGPSInstall.exe

Files

VisualGPSInstall.exe
.exe windows:5 windows x86 arch:x86

b86bd8d8b7e70f576a693df065987f1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

CreateProcessW
GetExitCodeProcess
GetVersion
GetVersionExW
FindClose
WideCharToMultiByte
CreateDirectoryW
CreateFileA
GetDiskFreeSpaceExW
GetEnvironmentVariableW
GetCurrentProcess
FlushInstructionCache
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
RemoveDirectoryW
MulDiv
OutputDebugStringW
LoadLibraryExW
InterlockedExchange
GetSystemDefaultLangID
GetUserDefaultLangID
EnumResourceLanguagesW
GetTempPathW
GetTempFileNameW
FindNextFileW
GetLogicalDriveStringsW
GetDriveTypeW
GetSystemDirectoryW
GetWindowsDirectoryW
GlobalMemoryStatus
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
lstrlenW
lstrcmpiW
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
CreateMutexW
GetFileAttributesW
SetFileAttributesW
CopyFileW
GetLocaleInfoA
ReadFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LoadLibraryA
LocalAlloc
GetLocaleInfoW
FormatMessageW
FindFirstFileW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalLock
FreeLibrary
MultiByteToWideChar
GetModuleFileNameW
LoadLibraryW
GetProcAddress
ResetEvent
FlushFileBuffers
Sleep
WriteFile
MoveFileW
DeleteFileW
GetFileSize
SetFilePointer
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateEventW
SetEvent
GetLastError
CreateThread
CloseHandle
TerminateThread
GetExitCodeThread
WaitForSingleObject
RaiseException
InitializeCriticalSectionAndSpinCount
GetModuleHandleA

user32

ReleaseDC
GetWindowDC
GetSubMenu
CharNextW
GetPropW
LoadImageW
LoadMenuW
TrackPopupMenu
EnableMenuItem
ScreenToClient
ExitWindowsEx
GetDC
GetSystemMetrics
SetFocus
CallWindowProcW
DestroyMenu
ModifyMenuW
DefWindowProcW
DialogBoxParamW
LoadIconW
InvalidateRect
RedrawWindow
RemovePropW
SetPropW
GetDlgCtrlID
MessageBoxW
KillTimer
EnableWindow
SetTimer
PostMessageW
IsWindow
CreateWindowExW
DestroyWindow
CreateDialogParamW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
ShowWindow
GetActiveWindow
LoadStringW
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
EndDialog
GetWindow
SystemParametersInfoW
GetWindowRect
GetClientRect
MapWindowPoints
GetDlgItem
SetWindowTextW
GetParent
SendMessageW
GetWindowLongW
SetWindowLongW
SetWindowPos
GetDesktopWindow
IsWindowVisible
UnregisterClassA
GetSystemMenu

gdi32

CreateCompatibleDC
GetWindowExtEx
GetViewportExtEx
SetMapMode
CreateCompatibleBitmap
GetDeviceCaps
DeleteObject
GetStockObject
SetBkMode
DeleteDC
SelectObject
CreateFontIndirectW
GetMapMode
GetObjectW

advapi32

RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
RegEnumKeyExW
RegOpenKeyW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegQueryInfoKeyW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHBrowseForFolderW
ShellExecuteW

ole32

CoTaskMemRealloc
CoInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoTaskMemFree

oleaut32

VarUI4FromStr
OleLoadPicture

comctl32

PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b86bd8d8b7e70f576a693df065987f1c

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 86KB - Virtual size: 86KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 86KB - Virtual size: 86KB