Storm_V7[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Storm_V7.exe
Size

99KB
MD5

495801aee54422e28ecc9705e5bd3112
SHA1

c721d5dc8fb0edd3f451f00c7aaf58c947fe5e08
SHA256

0206415f2391cd1dfa83685a650663799e607bc9856294db0015f8903531b702
SHA512

b9f5ec5d7db17e1c2d78c8a73727cd553796185b6417faf1d0a5d47791d904a9cabd72d59de14d665a6632b596ba0d7f48482ee6772dfe2aad54efcd5650e5dc
SSDEEP

1536:jOvobVsU4VNDGtd2aKla5IgQAHwpjuqloybfVCzen5KeJ56X:iveuqtl5MAUjuyn9Z5nz6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Storm_V7.exe

Files

Storm_V7.exe
.exe windows:6 windows x64 arch:x64

42cce8d72768962f165f6f59c89f831b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\moham\Desktop\StormFN-CPP-App\x64\Release\StormFN-CPP-App.pdb

Imports

kernel32

SetConsoleTextAttribute
GetStdHandle
WaitForSingleObject
CloseHandle
SetConsoleTitleW
GetExitCodeProcess
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlCaptureContext

shell32

ShellExecuteExA

msvcp140

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memmove
memcmp
memcpy
__std_exception_destroy
memset
__current_exception_context
__current_exception
_CxxThrowException
__C_specific_handler
__std_terminate
__std_exception_copy

api-ms-win-crt-stdio-l1-1-0

ungetc
setvbuf
fgetpos
__stdio_common_vsprintf
fsetpos
fread
fwrite
fputc
__p__commode
_set_fmode
__stdio_common_vfprintf
fgetc
_get_stream_buffer_pointers
fclose
fflush
__acrt_iob_func
_fseeki64

api-ms-win-crt-convert-l1-1-0

strtod
strtoll
strtoull

api-ms-win-crt-filesystem-l1-1-0

remove
_unlock_file
_lock_file

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale

api-ms-win-crt-runtime-l1-1-0

__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_exit
_set_app_type
_initialize_onexit_table
_register_onexit_function
_crt_atexit
exit
terminate
_configure_narrow_argv
_initterm_e
_initterm
_get_initial_narrow_environment
_errno
_initialize_narrow_environment
__p___argc
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
_callnewh
malloc

api-ms-win-crt-math-l1-1-0

__setusermatherr
_dclass

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42cce8d72768962f165f6f59c89f831b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 1KB - Virtual size: 2KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 212B

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 1KB - Virtual size: 2KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 212B