D:\a\t7x\t7x\build\bin\x64\Release\t7x.pdb
Static task
static1
General
-
Target
t7x.exe
-
Size
2.5MB
-
MD5
386f09c6e654d29e9bced065bdb12f4f
-
SHA1
383e7b0d0a657e4f21ef8f8dc8a1146aa8ef002a
-
SHA256
803d99d13514e3346d19456a51a2972790ca5e5695a4de75cf5700b8269efae1
-
SHA512
360e9e57909dbc99c4a2ce2cb1efcc53c779a71016c260ebcd9e82a5f5c7519bcb76cad26c2dff5e8f9ac405101de055d7b5a2275e5d6697727a4ad37247f729
-
SSDEEP
24576:rsvzLqkrN+EHDT1o4hlhY7Q521O+iozxjMx6ava4IiVYgA5F/nr+TKWpT3qEkmRu:Yvz1DKO0k8Ohoze6a1VY5FjVwWEkmrH
Malware Config
Signatures
-
Unsigned PE 1 IoCs
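Checks for a missing Authenticode signature: the file carries none, so its publisher and integrity cannot be confirmed from a signature. On its own this is a weak indicator, since many legitimate builds ship unsigned.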
resource t7x.exe
Files
-
t7x.exe.exe windows:6 windows x64 arch:x64
0a5a7c944b2afe9bacac7c161738b735
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
crypt32
CertCloseStore
CertEnumCertificatesInStore
CryptStringToBinaryA
CertFreeCertificateContext
PFXImportCertStore
CryptDecodeObjectEx
CertGetCertificateChain
CertFreeCertificateChainEngine
CertAddCertificateContextToStore
CryptProtectData
CertOpenStore
CryptQueryObject
CertFreeCertificateChain
CertGetNameStringA
CertFindExtension
CertCreateCertificateChainEngine
CertFindCertificateInStore
kernel32
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
RtlUnwind
SetThreadContext
GetThreadContext
HeapDestroy
HeapCreate
MoveFileExA
FormatMessageW
SleepEx
GetEnvironmentVariableA
VerifyVersionInfoW
CreateEventA
SetEvent
CreateMutexExA
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetLargePageMinimum
InitializeCriticalSection
OpenProcess
AddVectoredExceptionHandler
GetProcAddress
GetVolumeInformationA
LocalFree
CreateMutexA
GetLastError
CloseHandle
SetProcessAffinityMask
GetProcessAffinityMask
MulDiv
SetConsoleTitleA
OutputDebugStringA
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
CreateThread
GetTickCount64
DeleteCriticalSection
GetSystemDirectoryA
InitializeCriticalSectionEx
GetTickCount
WaitForSingleObject
GetCommandLineA
ExitProcess
VirtualProtect
GetModuleHandleA
AttachConsole
AllocConsole
GetConsoleWindow
SetEnvironmentVariableA
GetCurrentThreadId
GetVersionExA
SetUnhandledExceptionFilter
GetCurrentDirectoryA
DecodePointer
WriteConsoleW
SetEndOfFile
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
HeapSize
GetConsoleOutputCP
GetFileSizeEx
ReadConsoleW
GetConsoleMode
SetFilePointerEx
HeapReAlloc
GetTimeZoneInformation
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HeapFree
HeapAlloc
GetStdHandle
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
InterlockedPushEntrySList
ReadFile
WriteFile
PeekNamedPipe
CreateFileW
WaitNamedPipeW
lstrlenW
GetModuleFileNameW
SizeofResource
FindResourceA
GetModuleHandleExA
LoadLibraryA
LockResource
LoadResource
FreeLibrary
CreateProcessA
VirtualFree
VirtualAlloc
GetSystemInfo
FlushInstructionCache
GetSystemFirmwareTable
VirtualQuery
GetCommandLineW
Thread32Next
Thread32First
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
GetThreadId
OpenThread
DeleteFileW
MoveFileW
SetFilePointer
GetTempPathA
CreateFileA
GetTempFileNameA
FlushFileBuffers
ReleaseMutex
IsDebuggerPresent
OutputDebugStringW
RaiseException
EnterCriticalSection
LeaveCriticalSection
ReleaseSRWLockExclusive
MultiByteToWideChar
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
Sleep
GetExitCodeThread
GetNativeSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
FormatMessageA
GetCurrentDirectoryW
CreateDirectoryW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetFullPathNameW
SetFileInformationByHandle
AreFileApisANSI
DeviceIoControl
GetModuleHandleW
CopyFileW
GetFileInformationByHandleEx
CreateSymbolicLinkW
WideCharToMultiByte
GetLocaleInfoEx
WakeAllConditionVariable
SleepConditionVariableSRW
IsProcessorFeaturePresent
GetModuleHandleExW
GetSystemTimeAsFileTime
EncodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
GetStringTypeW
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetStartupInfoW
RtlUnwindEx
AcquireSRWLockExclusive
user32
RegisterClassExA
DefWindowProcA
GetWindowRect
SetWindowPos
SetWindowRgn
UpdateWindow
IsWindow
ShowCursor
DispatchMessageW
GetWindowTextW
GetSystemMetrics
GetWindowTextA
LoadIconA
PostQuitMessage
UnregisterClassA
MessageBoxA
GetClientRect
SetForegroundWindow
GetMessageA
DispatchMessageA
MoveWindow
GetWindowLongPtrA
SetProcessDPIAware
TranslateMessage
PeekMessageW
ShowWindow
LoadCursorA
RegisterClassA
AdjustWindowRect
GetDC
GetDesktopWindow
ReleaseDC
CreateWindowExA
SendMessageA
SetWindowLongPtrA
SetFocus
SetWindowTextA
DestroyWindow
gdi32
CreateFontA
CreateRoundRectRgn
CreateBitmap
GetDeviceCaps
SetTextColor
SetBkColor
CreateSolidBrush
DeleteObject
advapi32
CryptAcquireContextW
CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
GetUserNameA
RegCreateKeyExA
GetCurrentHwProfileA
shell32
ShellExecuteA
SHGetKnownFolderPath
CommandLineToArgvW
ole32
OleSetContainedObject
OleUninitialize
OleInitialize
CoUninitialize
CoGetClassObject
CoCreateInstance
CoInitialize
CoTaskMemFree
oleaut32
VariantCopy
VariantClear
VariantInit
SysAllocString
ntdll
RtlPcToFileHeader
VerSetConditionMask
NtQueryObject
ws2_32
bind
ntohs
htons
htonl
setsockopt
socket
ioctlsocket
select
WSASetLastError
__WSAFDIsSet
recvfrom
sendto
recv
getaddrinfo
WSAStartup
WSACleanup
WSAEnumNetworkEvents
getsockopt
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSACreateEvent
WSACloseEvent
WSAGetLastError
WSAIoctl
listen
accept
freeaddrinfo
getpeername
getsockname
gethostbyname
connect
closesocket
send
ntohl
dwmapi
DwmSetWindowAttribute
dbghelp
MiniDumpWriteDump
bcrypt
BCryptGenRandom
Exports
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 450KB - Virtual size: 449KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 150KB - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 582KB - Virtual size: 581KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ