TPFextractGUI[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

TPFextractGUI.exe
Size

80KB
MD5

d965b12dcf377672649be4486a6fc476
SHA1

c07a63773d0c0d1db26cbbec2ff81e0ad2607151
SHA256

88bfc9869dce47b8a3c266cba6c252b7b7785948b8b62efc5ab27faf2216b295
SHA512

cc5bcfccde9be3329f9a6ba11824d602ac10d59ffc8f9d4f7c826e156b0b83b9de3d1291952aed538179d427960e4997822be95762294a06dbcb9a1af3589d3f
SSDEEP

1536:P2+aFeHfSP15+GdviIesQ7XB/cUPilgv0U:++7HKP1EGwIedTNcUPiCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TPFextractGUI.exe

Files

TPFextractGUI.exe
.exe windows:4 windows x86 arch:x86

c3388a158d130c5390a19c2776f5cfc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateSemaphoreA
ExitProcess
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

mingwm10

__mingwthr_key_dtor

msvcrt

_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
fclose
fgets
fopen
fputc
fputs
free
fwrite
malloc
realloc
remove
signal
sprintf
strcmp
strcpy

libgcc_s_dw2-1

_Unwind_DeleteException
_Unwind_GetDataRelBase
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__deregister_frame_info
__emutls_get_address
__register_frame_info

qtcore4

_Z5qFreePv
_Z7qMemSetPvij
_Z8qWinMainP11HINSTANCE__S0_PciRiR7QVectorIS1_E
_Z9qBadAllocv
_ZN10QByteArray7reallocEi
_ZN11QMetaObject18connectSlotsByNameEP7QObject
_ZN11QVectorData10reallocateEPS_iii
_ZN11QVectorData4freeEPS_i
_ZN11QVectorData8allocateEii
_ZN16QCoreApplication9translateEPKcS1_S1_NS_8EncodingE
_ZN7QObject10childEventEP11QChildEvent
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject11eventFilterEPS_P6QEvent
_ZN7QObject13connectNotifyEPKc
_ZN7QObject13setObjectNameERK7QString
_ZN7QObject16disconnectNotifyEPKc
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QString11shared_nullE
_ZN7QString14fromWCharArrayEPKwi
_ZN7QString16codecForCStringsE
_ZN7QString16fromAscii_helperEPKci
_ZN7QString4freeEPNS_4DataE
_ZN7QString6appendERKS_
_ZN7QString6numberEdci
_ZN7QString8fromUtf8EPKci
_ZN7QString9fromAsciiEPKci
_ZN7QStringaSERKS_
_ZN8QProcess14setReadChannelENS_14ProcessChannelE
_ZN8QProcess15waitForFinishedEi
_ZN8QProcess19setWorkingDirectoryERK7QString
_ZN8QProcess21readAllStandardOutputEv
_ZN8QProcess5startERK7QStringRK11QStringList6QFlagsIN9QIODevice12OpenModeFlagEE
_ZN8QProcessC1EP7QObject
_ZN8QVariantC1ERK7QString
_ZN8QVariantC1Ei
_ZN8QVariantD1Ev
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData7detach3Ev
_ZNK7QObject10objectNameEv
_ZNK7QString11toLocal8BitEv
_ZNK7QString5splitERKS_NS_13SplitBehaviorEN2Qt15CaseSensitivityE
_ZNK7QString8toDoubleEPb
_ZNK7QStringeqERK13QLatin1String
_ZNK7QStringeqERKS_

qtgui4

_ZN10QBoxLayout10setSpacingEi
_ZN10QBoxLayout9addLayoutEP7QLayouti
_ZN10QBoxLayout9addWidgetEP7QWidgeti6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QFileDialog15getOpenFileNameEP7QWidgetRK7QStringS4_S4_PS2_6QFlagsINS_6OptionEE
_ZN11QFileDialog20getExistingDirectoryEP7QWidgetRK7QStringS4_6QFlagsINS_6OptionEE
_ZN11QHBoxLayoutC1Ev
_ZN11QHeaderView21setDefaultSectionSizeEi
_ZN11QHeaderView21setMinimumSectionSizeEi
_ZN11QMainWindow11qt_metacallEN11QMetaObject4CallEiPPv
_ZN11QMainWindow11qt_metacastEPKc
_ZN11QMainWindow15createPopupMenuEv
_ZN11QMainWindow16contextMenuEventEP17QContextMenuEvent
_ZN11QMainWindow16setCentralWidgetEP7QWidget
_ZN11QMainWindow16staticMetaObjectE
_ZN11QMainWindow5eventEP6QEvent
_ZN11QMainWindowC2EP7QWidget6QFlagsIN2Qt10WindowTypeEE
_ZN11QMainWindowD2Ev
_ZN11QPushButtonC1EP7QWidget
_ZN11QTreeWidget13setHeaderItemEP15QTreeWidgetItem
_ZN11QTreeWidget5clearEv
_ZN11QTreeWidgetC1EP7QWidget
_ZN11QVBoxLayoutC1EP7QWidget
_ZN11QVBoxLayoutC1Ev
_ZN12QApplication4execEv
_ZN12QApplicationC1ERiPPci
_ZN12QApplicationD1Ev
_ZN15QAbstractButton7setTextERK7QString
_ZN15QTreeWidgetItemC1EP11QTreeWidgeti
_ZN15QTreeWidgetItemC1Ei
_ZN7QLayout18setContentsMarginsEiiii
_ZN7QWidget10closeEventEP11QCloseEvent
_ZN7QWidget10enterEventEP6QEvent
_ZN7QWidget10fontChangeERK5QFont
_ZN7QWidget10leaveEventEP6QEvent
_ZN7QWidget10paintEventEP11QPaintEvent
_ZN7QWidget10setVisibleEb
_ZN7QWidget10wheelEventEP11QWheelEvent
_ZN7QWidget11actionEventEP12QActionEvent
_ZN7QWidget11changeEventEP6QEvent
_ZN7QWidget11resizeEventEP12QResizeEvent
_ZN7QWidget11styleChangeER6QStyle
_ZN7QWidget11tabletEventEP12QTabletEvent
_ZN7QWidget12focusInEventEP11QFocusEvent
_ZN7QWidget13dragMoveEventEP14QDragMoveEvent
_ZN7QWidget13enabledChangeEb
_ZN7QWidget13focusOutEventEP11QFocusEvent
_ZN7QWidget13keyPressEventEP9QKeyEvent
_ZN7QWidget13paletteChangeERK8QPalette
_ZN7QWidget13setSizePolicyE11QSizePolicy
_ZN7QWidget14dragEnterEventEP15QDragEnterEvent
_ZN7QWidget14dragLeaveEventEP15QDragLeaveEvent
_ZN7QWidget14languageChangeEv
_ZN7QWidget14mouseMoveEventEP11QMouseEvent
_ZN7QWidget14setMinimumSizeEii
_ZN7QWidget14setWindowTitleERK7QString
_ZN7QWidget15keyReleaseEventEP9QKeyEvent
_ZN7QWidget15mousePressEventEP11QMouseEvent
_ZN7QWidget16inputMethodEventEP17QInputMethodEvent
_ZN7QWidget17mouseReleaseEventEP11QMouseEvent
_ZN7QWidget18focusNextPrevChildEb
_ZN7QWidget21mouseDoubleClickEventEP11QMouseEvent
_ZN7QWidget22windowActivationChangeEb
_ZN7QWidget6resizeERK5QSize
_ZN7QWidget8winEventEP6tagMSGPl
_ZN7QWidget9dropEventEP10QDropEvent
_ZN7QWidget9hideEventEP10QHideEvent
_ZN7QWidget9moveEventEP10QMoveEvent
_ZN7QWidget9showEventEP10QShowEvent
_ZN7QWidgetC1EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN9QLineEdit11setReadOnlyEb
_ZN9QLineEdit7setTextERK7QString
_ZN9QLineEditC1EP7QWidget
_ZNK11QTreeWidget10headerItemEv
_ZNK7QWidget10sizePolicyEv
_ZNK7QWidget11paintEngineEv
_ZNK7QWidget14heightForWidthEi
_ZNK7QWidget15minimumSizeHintEv
_ZNK7QWidget16inputMethodQueryEN2Qt16InputMethodQueryE
_ZNK7QWidget5getDCEv
_ZNK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZNK7QWidget7devTypeEv
_ZNK7QWidget8sizeHintEv
_ZNK7QWidget9releaseDCEP5HDC__
_ZNK9QLineEdit4textEv
_ZNK9QTreeView6headerEv
_ZThn8_NK7QWidget11paintEngineEv
_ZThn8_NK7QWidget5getDCEv
_ZThn8_NK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZThn8_NK7QWidget7devTypeEv
_ZThn8_NK7QWidget9releaseDCEP5HDC__

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 104B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c3388a158d130c5390a19c2776f5cfc9

Headers

File Characteristics

Imports

kernel32

mingwm10

msvcrt

libgcc_s_dw2-1

qtcore4

qtgui4

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 26KB - Virtual size: 26KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 104B

.idata Size: 9KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 26KB - Virtual size: 26KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 104B

.idata
Size: 9KB - Virtual size: 8KB