getdataw[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

getdataw.exe
Size

1.5MB
MD5

5948e463f1ffcce302007e20d631607c
SHA1

a39d4f5c8abdf1805547cb6011f8da7cee1f9bf0
SHA256

b9662d25665e8695d2da77d94167402ea395f34ef47385a16a5c4d9ee751d15f
SHA512

8708168cf33580640f4d768576903d72e67f8a177adfdbed2258eb79d2ae4d863e999d2faabc2c6b10c63b36b0f7e74d0349d7900e8eb4030768f004b55979c4
SSDEEP

24576:ppUBjC5XBUkre95lqSa7/pGpHtAR9PI7U5GuUlUPwt9yRG+Cd9kz/R:pp00XBUptqSa7/pGpSR99UlUPw6R/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
getdataw.exe

Files

getdataw.exe
.exe windows:4 windows x86 arch:x86

4e5632c2b6ed3b18b69b0ad86bb6b523

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetTimeFormatA
GetDateFormatA
GetSystemInfo
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExW
VirtualAlloc
GetFileType
SetStdHandle
TerminateProcess
HeapReAlloc
HeapAlloc
FindNextFileW
HeapFree
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
GetStartupInfoW
SetErrorMode
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
GlobalFlags
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
VirtualProtect
lstrcmpA
GetLastError
CopyFileW
lstrcpyW
FormatMessageW
GetModuleFileNameW
GetVersion
GlobalGetAtomNameW
InterlockedDecrement
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SetLastError
lstrcpynW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
lstrcatW
lstrcmpW
GetModuleHandleW
LoadLibraryA
GetTickCount
MulDiv
GlobalSize
CreateFileW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GetFileSize
CloseHandle
SetFilePointer
WriteFile
ReadFile
GetCurrentThreadId
GetProcAddress
GetVersionExA
lstrlenW
GlobalReAlloc
RaiseException
DeleteCriticalSection
InitializeCriticalSection
LoadResource
LockResource
SizeofResource
FindResourceW
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
GetCurrentDirectoryW
SetCurrentDirectoryW
FreeLibrary
LoadLibraryW
WideCharToMultiByte
LocalAlloc
LocalLock
GlobalFree
LocalFree
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetTimeZoneInformation

user32

DeleteMenu
SetParent
PostQuitMessage
ShowOwnedPopups
CharUpperW
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
RegisterClipboardFormatW
LockWindowUpdate
PostThreadMessageW
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorW
IsZoomed
EndPaint
BeginPaint
GetWindowDC
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
IsDialogMessageW
CheckRadioButton
RegisterWindowMessageW
WinHelpW
CreateWindowExW
GetClassInfoExW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
MapWindowPoints
TrackPopupMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassW
SetWindowPlacement
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDoubleClickTime
ClipCursor
InvertRect
GetMessagePos
IsClipboardFormatAvailable
IntersectRect
GetClassInfoW
DefWindowProcW
FrameRect
GetWindow
FillRect
GetClassLongW
BeginDeferWindowPos
EndDeferWindowPos
GetSysColorBrush
GetKeyState
GetWindowTextLengthW
wsprintfW
wvsprintfW
GetFocus
MessageBoxW
IsWindow
SetRect
SetWindowPos
TrackMouseEvent
CallWindowProcW
GetWindowLongW
CallNextHookEx
EqualRect
InflateRect
SetWindowLongW
UnhookWindowsHookEx
SetWindowsHookExW
OffsetRect
GetMenuItemRect
GetSystemMenu
SetRectEmpty
IsMenu
SetMenuItemInfoW
GetClassNameW
GetPropW
SetPropW
RemovePropW
DrawStateW
CopyRect
DestroyIcon
LoadBitmapW
GetMenuItemInfoW
WindowFromPoint
ScreenToClient
SetCapture
GetCapture
PtInRect
GetMessageW
DispatchMessageW
ReleaseCapture
GetDlgCtrlID
GetParent
DrawFrameControl
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsRectEmpty
GetDC
ReleaseDC
ShowScrollBar
LoadIconW
PeekMessageW
MessageBoxA
SystemParametersInfoW
DrawEdge
GetSystemMetrics
SetWindowTextW
GetWindowTextW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
UnregisterClassW
IsWindowVisible
GetClientRect
GetForegroundWindow
ClientToScreen
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
RemoveMenu
InsertMenuW
GetMenuItemCount
KillTimer
SetTimer
PostMessageW
TranslateMessage
ValidateRect
GetActiveWindow
GetDCEx
UnpackDDElParam
GetWindowRect
DrawMenuBar
SetMenu
LoadMenuW
DestroyMenu
LoadCursorW
SetCursor
CreatePopupMenu
CreateMenu
ModifyMenuW
EnableMenuItem
AppendMenuW
EnableScrollBar
GetMenu
GetSubMenu
GetMenuItemID
CheckMenuItem
SendMessageW
GetSysColor
GetCursorPos
SetCursorPos
GetUpdateRect
InvalidateRect
UpdateWindow
EnableWindow
RedrawWindow

gdi32

SetWindowExtEx
ScaleWindowExtEx
CreatePatternBrush
StretchDIBits
CreateRectRgnIndirect
SetRectRgn
CombineRgn
OffsetWindowOrgEx
DPtoLP
CopyMetaFileW
CreateFontW
EndDoc
AbortDoc
EndPage
StartPage
StartDocW
GetBkColor
PatBlt
GetDeviceCaps
Ellipse
SetPixel
GetPixel
Rectangle
GetTextColor
GetCurrentObject
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetBkMode
RestoreDC
SaveDC
CreateBitmap
BitBlt
DeleteObject
SetTextColor
CreateSolidBrush
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetClipBox
DeleteDC
GetCharWidthW
GetTextMetricsW
CreateFontIndirectW
SetDIBits
Arc
SelectObject
GetTextExtentPoint32W
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
ExtCreatePen
CreatePen
StretchBlt
SetBkColor

comdlg32

PrintDlgW
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
ChooseColorW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RegCloseKey

shell32

DragFinish
DragQueryFileW
ShellExecuteW

comctl32

ImageList_Draw
ImageList_GetIcon
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleDuplicateData
ReleaseStgMedium
OleUninitialize
CoTaskMemFree
CoFreeUnusedLibraries
OleInitialize
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
VarUdateFromDate
SystemTimeToVariantTime

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 869KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e5632c2b6ed3b18b69b0ad86bb6b523

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 32KB - Virtual size: 869KB

.rsrc Size: 112KB - Virtual size: 110KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 32KB - Virtual size: 869KB

.rsrc
Size: 112KB - Virtual size: 110KB