10c7b303810e8561e9a64850554da403

Sharing

Copy URL Twitter E-mail

General

Target

10c7b303810e8561e9a64850554da403
Size

534KB
MD5

10c7b303810e8561e9a64850554da403
SHA1

c46624836694efad84e01300ec8607ecc1685573
SHA256

28b45a7b32a7cc59e679e9d2bb767bdc051f11b9ce53c64a2f43f971c0d6fdbd
SHA512

f842f57319a41ac2061e02ba9768aea3f053460b96531d346fcba1554e433ad02e9c4accc2f205677d1ccf0ba0d073e345c82bc1669f2cf5758b4e6740a505cb
SSDEEP

12288:qWtAOSQNDrWnaRMq2QzpL1WaXcbiMY3ankWzfv24KmgxPXno:qWt7SQRrWaeq28LoaXJqkWzfv24DgFXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GCPUID.exe

Files

10c7b303810e8561e9a64850554da403
.zip
GCPUID.exe
.exe windows:4 windows x86 arch:x86

59344de7cf57ce7e10432362356c949d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

GlobalMemoryStatus
lstrcmpiA
lstrcpyA
LocalAlloc
GlobalFree
GlobalAlloc
FindFirstFileA
DeviceIoControl
SetEndOfFile
lstrlenA
GetTimeZoneInformation
GetLocaleInfoW
CreateFileW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetLocaleInfoA
GetStringTypeW
GetModuleFileNameA
GetDateFormatA
GetTimeFormatA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
LoadLibraryW
SetConsoleCtrlHandler
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
DebugBreak
FlushFileBuffers
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetConsoleMode
GetConsoleCP
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
CreateFileA
ReadFile
CloseHandle
WriteFile
CreateMutexA
GetLastError
DeleteFileA
ReleaseMutex
GetStringTypeA
LoadLibraryA
TlsGetValue
GetOEMCP
FreeLibrary
GetModuleHandleA
GetProcAddress
GetVersionExA
GetCurrentProcess
GetCurrentThread
SetPriorityClass
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GetACP
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapValidate
IsBadReadPtr
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
FatalAppExitA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualQuery

user32

LoadCursorA
GetParent
EnableMenuItem
SetTimer
GetDesktopWindow
GetDC
ReleaseDC
GetMenu
GetMenuState
GetDlgItem
EndDialog
DialogBoxParamA
KillTimer
PostQuitMessage
SetFocus
DefWindowProcA
CallWindowProcA
GetClientRect
ShowWindow
UpdateWindow
DestroyWindow
SendMessageA
LoadIconA
RegisterClassExA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetWindowLongA
SetWindowLongA
CreateWindowExA
SetWindowPos
GetWindowRect
EnableWindow
EnumChildWindows
SetWindowTextA
LoadStringA
wsprintfA
EnumWindows
GetClassNameA
GetWindowTextA
MessageBoxA
LoadImageA

gdi32

GetBitmapBits
GetDIBits
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
CreateFontIndirectA
DeleteObject

comdlg32

GetSaveFileNameA

advapi32

CloseServiceHandle
RegQueryValueExA
CreateServiceA
StartServiceA
OpenSCManagerA
OpenServiceA
ControlService
DeleteService
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

Sections

.textbss
Size: - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 720KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme.txt
װ˵.url
.url

Sharing

General

Malware Config

Signatures

Files

59344de7cf57ce7e10432362356c949d

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.textbss Size: - Virtual size: 343KB

.text Size: 720KB - Virtual size: 718KB

.rdata Size: 116KB - Virtual size: 112KB

.data Size: 1.6MB - Virtual size: 1.6MB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 364KB - Virtual size: 362KB

.textbss
Size: - Virtual size: 343KB

.text
Size: 720KB - Virtual size: 718KB

.rdata
Size: 116KB - Virtual size: 112KB

.data
Size: 1.6MB - Virtual size: 1.6MB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 364KB - Virtual size: 362KB