getdata[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

getdata.exe
Size

1.4MB
MD5

8e171c1759165cc0e7bdf380ae170e1f
SHA1

e297f16de42130e596e4ee7a81d0e6a3aba1a101
SHA256

35d9f1ac38176a0d92b557d24c466e30ac62b187439e4089878469b201f54f1d
SHA512

ee3d827de9f5394ef23b15ca632607d4aa8db41db8c57d6a6edd59cdddbae74b4e5748382e4e6edd9db8c1d154c5ea04f5ce458ad364b4352d153f501ede9495
SSDEEP

24576:QPkPANBU1BnOR+H33doYIq6vK59WeIzMrOAYOLPqMUjUPCtPyEctl9dR:IkPANBUPnOC9kq6vK59WeIBgUjUPOPyz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
getdata.exe

Files

getdata.exe
.exe windows:4 windows x86 arch:x86

1f1323303f8e45b66f9e89d7aae515df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetCommandLineA
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetStartupInfoA
FindNextFileA
GetVersionExA
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
VirtualQuery
GetSystemInfo
VirtualAlloc
RtlUnwind
ExitProcess
SetErrorMode
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
GlobalFlags
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
VirtualProtect
lstrcmpA
GetModuleFileNameA
InterlockedDecrement
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SetLastError
CopyFileA
FormatMessageA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetTickCount
MulDiv
GlobalSize
CreateFileA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileSize
CloseHandle
SetFilePointer
WriteFile
ReadFile
GetCurrentThreadId
GetProcAddress
GlobalReAlloc
RaiseException
DeleteCriticalSection
InitializeCriticalSection
LoadResource
LockResource
SizeofResource
FindResourceA
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentDirectoryA
SetCurrentDirectoryA
FreeLibrary
LoadLibraryA
LocalAlloc
LocalLock
GlobalFree
LocalFree
lstrlenA
lstrcmpiA
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetStringTypeW

user32

DeleteMenu
SetParent
PostQuitMessage
ShowOwnedPopups
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
RegisterClipboardFormatA
LockWindowUpdate
PostThreadMessageA
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorA
IsZoomed
EndPaint
BeginPaint
GetWindowDC
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
IsDialogMessageA
CheckRadioButton
GetMenuState
RegisterWindowMessageA
WinHelpA
CreateWindowExA
GetClassInfoExA
SendDlgItemMessageA
SetFocus
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
MapWindowPoints
TrackPopupMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
SetWindowPlacement
IsIconic
GetWindowPlacement
GetDoubleClickTime
ClipCursor
InvertRect
GetMessagePos
IsClipboardFormatAvailable
IntersectRect
GetClassInfoA
DefWindowProcA
FrameRect
GetDCEx
RedrawWindow
GetWindow
FillRect
GetClassLongA
EndDeferWindowPos
GetSysColorBrush
GetKeyState
IsChild
GetWindowTextLengthA
wsprintfA
wvsprintfA
GetFocus
MessageBoxA
IsWindow
SetRect
SetWindowPos
TrackMouseEvent
CallWindowProcA
GetWindowLongA
CallNextHookEx
EqualRect
InflateRect
SetWindowLongA
UnhookWindowsHookEx
SetWindowsHookExA
OffsetRect
GetMenuItemRect
GetSystemMenu
SetRectEmpty
IsMenu
SetMenuItemInfoA
GetClassNameA
GetPropA
SetPropA
RemovePropA
DrawStateA
CopyRect
DestroyIcon
LoadBitmapA
GetMenuItemInfoA
CharUpperA
EnableWindow
UpdateWindow
InvalidateRect
GetUpdateRect
SetCursorPos
GetCursorPos
GetSysColor
SendMessageA
CheckMenuItem
GetMenuItemID
WindowFromPoint
ScreenToClient
SetCapture
GetCapture
PtInRect
GetMessageA
DispatchMessageA
ReleaseCapture
GetDlgCtrlID
GetParent
DrawFrameControl
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
TranslateMessage
ValidateRect
IsRectEmpty
GetDC
ReleaseDC
ShowScrollBar
LoadIconA
PeekMessageA
SystemParametersInfoA
DrawEdge
GetSystemMetrics
SetWindowTextA
GetWindowTextA
IsWindowEnabled
UnregisterClassA
IsWindowVisible
GetClientRect
GetForegroundWindow
GetActiveWindow
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
BeginDeferWindowPos
InsertMenuItemA
GetSubMenu
GetMenu
EnableScrollBar
AppendMenuA
EnableMenuItem
ModifyMenuA
CreateMenu
CreatePopupMenu
SetCursor
LoadCursorA
DestroyMenu
LoadMenuA
SetMenu
DrawMenuBar
GetWindowRect
PostMessageA
SetTimer
KillTimer
GetMenuItemCount
InsertMenuA
RemoveMenu
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ClientToScreen

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetViewportOrgEx
StretchDIBits
CreateRectRgnIndirect
SetRectRgn
CombineRgn
DPtoLP
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetBkMode
RestoreDC
SaveDC
CreateBitmap
CopyMetaFileA
SetBkColor
CreatePatternBrush
BitBlt
EndDoc
AbortDoc
EndPage
StartPage
StartDocA
GetBkColor
PatBlt
GetDeviceCaps
EnumFontFamiliesA
Ellipse
SetPixel
GetPixel
Rectangle
GetTextColor
GetCurrentObject
DeleteObject
SetTextColor
CreateSolidBrush
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
DeleteDC
GetCharWidthA
GetTextMetricsA
CreateFontIndirectA
SetDIBits
Arc
SelectObject
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
ExtCreatePen
CreatePen
StretchBlt
CreateFontA

comdlg32

PrintDlgA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

DragFinish
DragQueryFileA
ShellExecuteA

comctl32

ImageList_Draw
ImageList_GetIcon
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CoFreeUnusedLibraries
CoTaskMemFree
OleInitialize
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CreateStreamOnHGlobal

oleaut32

SystemTimeToVariantTime
VarUdateFromDate
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 868KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f1323303f8e45b66f9e89d7aae515df

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 32KB - Virtual size: 868KB

.rsrc Size: 112KB - Virtual size: 110KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 32KB - Virtual size: 868KB

.rsrc
Size: 112KB - Virtual size: 110KB