Static task
static1
Behavioral task
behavioral1
Sample
snowcraft.exe
Resource
win11-20240802-en
General
Target: snowcraft.exe
Size: 2.0MB
MD5: 01d2457143937365275f06d38d273373
SHA1: f5b9777892a53b70d73b33a90e2374d86748f52f
SHA256: 29e753be555f6c9737ac6a43717dd96112ef247b5ca207a2588eb0ff92fbcad4
SHA512: a5060e0e153b0d0ee4cf13b0225a4339c54d86e5c372c38b8aabc0603f248ab032c7a5ef6ac0d41a849f6c603aca255cd5f22cf7e5b9375a4bd3dc36ea4c9069
SSDEEP: 24576:GR3GgTfbF8Eum+nLbwv6jOFzo9A/jJUsBaCZZWGHrGde/BtDTad6v1:CG0fbF8zLQ6jOFzoSHVTBdad6d
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource snowcraft.exe
Files
snowcraft.exe.exe windows:4 windows x86 arch:x86
b754c48c395f99da97be7f0140f4893f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeResource
LockResource
GetTickCount
LoadResource
FindResourceA
GlobalAddAtomA
GlobalDeleteAtom
SuspendThread
GetCurrentProcessId
WaitForMultipleObjects
CreateEventA
SetEvent
TerminateThread
IsBadReadPtr
FormatMessageA
LocalFree
CreateSemaphoreA
GetCurrentThreadId
WriteProfileStringA
GetTempPathA
ReleaseSemaphore
WaitForSingleObject
SetThreadPriority
OutputDebugStringA
CreateThread
Sleep
ResumeThread
ExitThread
GetSystemInfo
GlobalHandle
VirtualQuery
WinExec
GetDiskFreeSpaceA
GetModuleHandleA
GetDateFormatA
GetProfileStringA
GetProfileIntA
GetDriveTypeA
CompareStringA
GetLogicalDrives
OpenFile
GetWindowsDirectoryA
_lcreat
_lread
_llseek
_lclose
MulDiv
_lwrite
IsDBCSLeadByte
CloseHandle
OpenProcess
ReadProcessMemory
lstrcmpiA
FreeLibrary
GetPrivateProfileStringA
lstrlenW
SizeofResource
WideCharToMultiByte
GlobalReAlloc
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
DeleteCriticalSection
SetErrorMode
GlobalFree
LoadLibraryA
FindFirstFileA
GetProcAddress
GlobalCompact
GetPrivateProfileIntA
FindClose
GlobalMemoryStatus
DeleteFileA
GetFileAttributesA
MoveFileA
FlushFileBuffers
SetCurrentDirectoryA
GetLastError
GlobalUnlock
GlobalAlloc
GlobalSize
lstrlenA
GlobalLock
GetCurrentDirectoryA
lstrcatA
lstrcpyA
GetModuleFileNameA
SetFilePointer
CreateFileA
GetFileType
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetCurrentProcess
TerminateProcess
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
IsBadCodePtr
IsBadWritePtr
ReadFile
VirtualFree
_hwrite
VirtualAlloc
FindNextFileA
_hread
GetVersionExA
WriteFile
CreateDirectoryA
GetLocalTime
RemoveDirectoryA
SetEndOfFile
RtlUnwind
GetStartupInfoA
GetCommandLineA
SetEnvironmentVariableA
GetVersion
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException
CompareStringW
GetStdHandle
SetStdHandle
GetTimeZoneInformation
GetSystemTime
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
SetUnhandledExceptionFilter
user32
GetMessageA
CharToOemBuffA
GetActiveWindow
SetFocus
GetCaretBlinkTime
GetCapture
ReleaseCapture
IsChild
GetSystemMetrics
GetKeyboardState
ToAscii
CharUpperBuffA
RegisterClipboardFormatA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DialogBoxParamA
GetUpdateRgn
CallNextHookEx
PtInRect
SetCursor
GetCursor
SetClassLongA
GetPropA
GetKeyState
GetClassNameA
SetTimer
KillTimer
CreateDialogIndirectParamA
CallWindowProcA
IntersectRect
InflateRect
WindowFromPoint
SendDlgItemMessageA
GetDlgItem
SetRect
OffsetRect
FillRect
DrawFrameControl
SetCapture
GetCursorPos
SetScrollPos
ValidateRect
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
IsWindowVisible
MapWindowPoints
GetDlgCtrlID
SetWindowLongA
SetScrollRange
CreateCursor
AppendMenuA
IsDlgButtonChecked
ChangeDisplaySettingsA
EqualRect
SetWindowWord
GetClassInfoA
MoveWindow
IsWindow
wsprintfA
GetAsyncKeyState
SetWindowTextA
DrawIcon
DefDlgProcA
CheckMenuItem
SetWindowPos
IsIconic
BeginPaint
EndPaint
PostMessageA
InvalidateRect
WinHelpA
DefWindowProcA
GetWindow
SendMessageA
DestroyWindow
UnregisterClassA
ShowCursor
PeekMessageA
GetClientRect
CreateMenu
SetMenu
CreateWindowExA
ShowWindow
UpdateWindow
SetClipboardViewer
ChangeClipboardChain
SetMessageQueue
LoadCursorA
RegisterClassA
SetClipboardData
GetClipboardData
OemToCharA
GetDesktopWindow
GetMenu
GetDoubleClickTime
GetWindowDC
GetSysColor
GetDC
ReleaseDC
MessageBoxA
LoadIconA
GetFocus
DefMDIChildProcA
DrawTextA
DrawCaption
GetWindowLongA
GetParent
IsWindowEnabled
LoadStringA
EnableWindow
ScreenToClient
ClientToScreen
AdjustWindowRect
FrameRect
DrawEdge
DefFrameProcA
ValidateRgn
InvalidateRgn
LoadBitmapA
RemovePropA
SetPropA
GetTopWindow
GetSystemMenu
AdjustWindowRectEx
EmptyClipboard
OpenClipboard
EnumClipboardFormats
CloseClipboard
ScrollDC
EnumThreadWindows
EnumChildWindows
SetSysColors
CreateDialogParamA
SetDlgItemTextA
BringWindowToTop
FlashWindow
PostQuitMessage
GetMenuState
MessageBeep
EnableMenuItem
CreateAcceleratorTableA
LoadAcceleratorsA
DestroyAcceleratorTable
CopyAcceleratorTableA
ExitWindowsEx
SystemParametersInfoA
CharNextA
TrackPopupMenu
EndDialog
DestroyMenu
GetMenuItemID
HiliteMenuItem
GetMenuStringA
RemoveMenu
GetSubMenu
ModifyMenuA
InsertMenuA
IsZoomed
DrawMenuBar
GetMenuItemCount
DeleteMenu
CreatePopupMenu
DestroyCursor
GetWindowWord
GetMenuCheckMarkDimensions
IsRectEmpty
wvsprintfA
CharUpperA
gdi32
CreateRoundRectRgn
PtInRegion
GetTextFaceA
GetTextMetricsA
GetTextExtentPointA
CreateFontIndirectA
GetStockObject
SelectObject
RemoveFontResourceA
DeleteObject
AddFontResourceA
SelectPalette
PatBlt
GetObjectA
RealizePalette
CreatePalette
CreateSolidBrush
AnimatePalette
CreateCompatibleBitmap
SetPaletteEntries
SetDIBColorTable
DeleteDC
CreateCompatibleDC
GetTextAlign
CreateDIBitmap
SetTextAlign
SetDIBitsToDevice
BitBlt
StretchDIBits
OffsetRgn
CreateRectRgn
CombineRgn
MoveToEx
SetROP2
LineTo
CreatePatternBrush
SetTextColor
CreatePen
CreateBitmap
SelectClipRgn
SetBkColor
GetClipBox
GetPaletteEntries
IntersectClipRect
GetClipRgn
StretchBlt
ExtTextOutA
TextOutA
GetCurrentPositionEx
GetDCOrgEx
SetStretchBltMode
GetStretchBltMode
CreateBrushIndirect
GetBkColor
GetROP2
GetTextColor
GetBkMode
SetViewportOrgEx
SetBkMode
GetBitmapBits
GetSystemPaletteEntries
SetDIBits
CreateRectRgnIndirect
Escape
GetDIBits
StartDocA
SetAbortProc
CreateICA
AbortDoc
DPtoLP
EndDoc
EndPage
Polyline
StartPage
SetBitmapBits
CreateDIBPatternBrush
CreateDIBSection
SetBrushOrgEx
LPtoDP
UnrealizeObject
SetWindowOrgEx
PaintRgn
GetDIBColorTable
RestoreDC
SaveDC
Rectangle
RoundRect
Ellipse
SetPolyFillMode
CreateFontA
SetTextJustification
GetDeviceCaps
FrameRgn
InvertRgn
FillRgn
PolyPolygon
GetRgnBox
CreatePolygonRgn
EqualRgn
SetRectRgn
Polygon
EnumFontsA
SetSystemPaletteUse
CreateEllipticRgnIndirect
GdiSetBatchLimit
comdlg32
GetSaveFileNameA
PrintDlgA
GetOpenFileNameA
CommDlgExtendedError
advapi32
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
ole32
CoInitialize
CoUninitialize
CoCreateInstance
winmm
mciSendStringA
waveOutOpen
mciGetErrorStringA
waveOutUnprepareHeader
waveOutClose
waveOutPrepareHeader
waveOutReset
waveOutPause
waveOutRestart
waveOutWrite
timeSetEvent
waveOutGetVolume
waveOutSetVolume
waveOutGetNumDevs
DefDriverProc
mciSendCommandA
timeGetTime
timeKillEvent
waveOutGetDevCapsA
msvfw32
ICGetDisplayFormat
ord2
ICClose
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
MacroMix Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
MacroMix Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ