tracerutility (1)[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

tracerutility (1).exe
Size

52.0MB
MD5

e43731fe4dfdd7158ca928c5784b8bdf
SHA1

d9440f26139fe2e5be3549cc26c963e687120fe7
SHA256

ce792e8ddc9830d6fd5246454db2c7c6df55baea0ae5691d76641b5968784323
SHA512

ea518f13154402cb49070755d167676c490422a46695486b896925f40d687c9d1c7b9dbb5a4c7c0a4e20fe85500522ff6150d8649a21cdb398d0b56846757b65
SSDEEP

786432:jfvpssXXUhG5+EbPYi4Pfk2qldMimLeKtwpeJ4wJrfc9EGC58rxrYPus:DpssUEbPKfOdMimLypML+rxrrs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tracerutility (1).exe

Files

tracerutility (1).exe
.exe windows:4 windows x86 arch:x86

549f88ad0c7c446ce722b2371970efc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_wcsdup
wcsstr
wcsrchr
free
malloc
memset
_wcsnicmp
_lseek
_read
_write
wcscspn
_tell
wcstok
wcschr
_wtoi
_ultoa
_open_osfhandle
wcscmp
iswalpha
_close
wcslen

kernel32

DeleteFileW
SetFileAttributesW
CloseHandle
GetExitCodeThread
WaitForSingleObject
CreateThread
GetFileAttributesW
lstrcatW
lstrlenW
GetModuleFileNameW
lstrcpyW
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetExitCodeProcess
FindNextFileW
CreateProcessW
GetShortPathNameW
lstrcmpiW
SearchPathW
GetWindowsDirectoryW
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileSize
GetFileTime
CreateFileW
FindFirstFileW
ExitProcess
GetCommandLineW
GetModuleHandleA
GetVersionExA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
GlobalAlloc
GlobalLock
CreateDirectoryW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
lstrlenA
GetSystemDirectoryW
GetTempPathW
GetLastError
SetFilePointer
ReadFile
IsDBCSLeadByte
LocalFree
FormatMessageW
GetCurrentThreadId
lstrcmpW
MultiByteToWideChar
RemoveDirectoryW
FindClose
Sleep

user32

EndDialog
IsDlgButtonChecked
GetDlgItemTextW
PostMessageW
GetWindowRect
GetWindowTextW
GetDlgItem
SetWindowLongW
GetWindowLongW
CallWindowProcW
DestroyIcon
UpdateWindow
ShowWindow
CreateDialogParamA
SetWindowPos
DialogBoxParamA
PostQuitMessage
DestroyWindow
FindWindowW
UnhookWindowsHookEx
SetWindowTextW
GetKeyState
CallNextHookEx
CheckDlgButton
GetParent
SetWindowsHookExA
CreateWindowExW
GetDesktopWindow
GetSystemMetrics
ReleaseDC
GetDC
LoadStringA
MessageBoxA
SetDlgItemTextW
SendMessageA
SendMessageW
WaitForInputIdle
CreateWindowExA
IsWindow
LoadStringW
MessageBoxW
IsDialogMessageA
TranslateMessage
DispatchMessageA
MessageBeep
wsprintfW
PeekMessageA
GetMessageA

shell32

SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

comctl32

ord17

gdi32

GetTextExtentPoint32W
SelectObject

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetCloseEnum

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

549f88ad0c7c446ce722b2371970efc7

Headers

File Characteristics

Imports

crtdll

kernel32

user32

shell32

ole32

comctl32

gdi32

mpr

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 19KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 28KB - Virtual size: 25KB