GCodeConverterSetup (1)[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

GCodeConverterSetup (1).exe
Size

5.4MB
MD5

d35c3d9f1028ef1d264b9d689d87d96c
SHA1

8c3770b92ebb51ff8d32487810dc01757d0e8815
SHA256

4af6afc58c3e7e48b36dc2e9f66ace22fbb3e60a8af6f50cc6a6af852590ce05
SHA512

c87c637b12258363b311738f5ee54bb227fee4eb70911b34ce605acbd77380ef69cee37b94b13af15bd02a843dd3bb34a1fa400317344c2522fb45809568ed72
SSDEEP

98304:Z2Y6LqpHtwPgjPWdr4jsPpe8L13UXPvd+MJeNcgPEiEN5twsfX7:Zp+qJtwaWV4jsBzqXd+Jm+EVnwsP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GCodeConverterSetup (1).exe

Files

GCodeConverterSetup (1).exe
.exe windows:5 windows x86 arch:x86

e547ab6c245b700dff8cfb8219dab610

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

msimg32

GradientFill

kernel32

CreateFileW
GetLastError
CloseHandle
VirtualFree
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeResource
FindResourceW
LoadResource
CreateProcessW
CreateDirectoryW
GetModuleHandleW
SizeofResource
GetTempPathW
LockResource
ReadFile
lstrcatW
DeleteFileW
lstrcpyW
SetFileAttributesW
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
RtlUnwind
HeapReAlloc
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
WriteFile
SetFilePointer
CreateFileA
GetConsoleMode
SetFilePointerEx
SetStdHandle
SetCurrentDirectoryW
WriteConsoleW
GetFileType
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
IsDebuggerPresent
IsProcessorFeaturePresent
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetCommandLineA
GetProcessHeap
GetStdHandle
GetModuleFileNameW
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

user32

DestroyWindow
GetMessageW
PostQuitMessage
FillRect
WaitForInputIdle
GetClientRect
BeginPaint
EnumWindows
EndPaint
IsDialogMessageW
LoadIconW
InvalidateRect
BringWindowToTop
SetClassLongW
ShowWindow
CreateDialogParamW
MessageBoxW
UpdateWindow
GetWindowThreadProcessId
wsprintfW

gdi32

SetBkMode
SelectObject
SelectClipRgn
CreateRoundRectRgn
TextOutW
GetStockObject
CreateSolidBrush
SetTextColor

ole32

StringFromGUID2

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e547ab6c245b700dff8cfb8219dab610

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

msimg32

kernel32

user32

gdi32

ole32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 19KB

.rsrc Size: 5.3MB - Virtual size: 5.3MB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 5.3MB - Virtual size: 5.3MB

.reloc
Size: 4KB - Virtual size: 3KB