autotrace[.]exe

General

Target

autotrace.exe
Size

212KB
MD5

d65bb5cecf3f39325010ffe8ebb99bff
SHA1

9a9b14bd2ea16743af5963b746c3cac3cf917f79
SHA256

eab301afedd098ca753fa94e5d90583725003541f57f709129f786e271bd0504
SHA512

ae36444b41aff6aa55d3a643f75fbc69afbb454959fb9e16d639558cdaa25f486262d7c9ca7ac2dc8d424e155332d0339ea49e6c03d7d769ffb3968c6c3af60a
SSDEEP

3072:FJkyrlUf4m5HVeusBweHmqinceeAH2w8ossi1ToCknO/XSVh3RX91poVcPHX0s:FCoCnbUXPeeHULO/Q1l+ViHB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
autotrace.exe

Files

autotrace.exe
.exe windows:4 windows x86 arch:x86

b4e3e54fc0f91a90255ff2e0015175b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

core_rl_magick_

DestroyImage
GetOnePixel
GetImageType
DestroyImageInfo
ReadImage
CloneImageInfo
GetExceptionInfo
MagickIncarnate
GetMagickInfo

pstoedit

pstoedit_checkversion
getPstoeditDriverInfo_plainC
pstoedit_plainC

kernel32

ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
HeapAlloc
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
GetLastError
DeleteFileA
GetCommandLineA
GetVersionExA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
LoadLibraryA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WideCharToMultiByte
ReadFile
CloseHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
SetFilePointer
WriteFile
FlushFileBuffers
LCMapStringA
LCMapStringW
GetFileAttributesA
CreateFileA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
GetACP
GetOEMCP
GetCPInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
RaiseException
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
GetTimeZoneInformation
SetEndOfFile
RtlUnwind

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4e3e54fc0f91a90255ff2e0015175b6

Headers

File Characteristics

Imports

core_rl_magick_

pstoedit

kernel32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 22KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 22KB