D:\Jenkins\.jenkins\workspace\PCStore\PCStoreMain\bin\Release\PCStore.pdb
Static task: static1
Behavioral task: behavioral1
Sample: fc69883325d8ae5090fce1369880a824af9ca79e19242c7db071f5076b1d0511.exe
Resource: win7-20240708-en
General
Target: fc69883325d8ae5090fce1369880a824af9ca79e19242c7db071f5076b1d0511
Size: 2.6MB
MD5: 4f408a2d7d3bcf1c6ed7e92412dc7d6e
SHA1: 7300b1dc6290366f12787c978448f01fcd32284b
SHA256: fc69883325d8ae5090fce1369880a824af9ca79e19242c7db071f5076b1d0511
SHA512: 4b0c0211a146bb70962f7023b8b804894d73e6cfd68b48dbed3e9197b4e1c5b6cd378dde88d6dbd4025c2d5f276441b5dddb417ed6b08d6fd4c754ce89c5c7f2
SSDEEP: 24576:2+ZXs3fzbxEh5tFyv/Imb4m4OlDqoYw833Cxrfiu3j1yvwO7jq3eeS62q:2+23L0y7Em3op36rfiEpmwO7jueeaq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fc69883325d8ae5090fce1369880a824af9ca79e19242c7db071f5076b1d0511
Files
fc69883325d8ae5090fce1369880a824af9ca79e19242c7db071f5076b1d0511.exe windows:6 windows x86 arch:x86
a1729f7e7a1bbc035049731ac5bbf78e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
CopyFileW
GetCommandLineW
FileTimeToSystemTime
FindNextFileW
FindFirstFileA
FindClose
GetOverlappedResult
CreateNamedPipeW
SetNamedPipeHandleState
DisconnectNamedPipe
ConnectNamedPipe
CreateFileW
CreateMutexW
ReleaseMutex
ResetEvent
lstrcmpiA
WritePrivateProfileStringW
GetPrivateProfileIntW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MoveFileExW
GetPrivateProfileStringW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetTickCount
GetProcessId
GetStartupInfoW
CreateProcessW
GetCurrentThread
Sleep
OutputDebugStringW
GetTempPathW
WriteFile
SetFileAttributesW
SetFileAttributesA
SetEndOfFile
RemoveDirectoryW
ReadFile
GetFileSize
GetFileAttributesW
GetFileAttributesA
DeleteFileW
CreateFileA
lstrlenW
lstrcpynW
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
FreeLibrary
WaitForMultipleObjects
CreateEventW
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadReadPtr
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FindResourceExW
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
ExitThread
GetFileAttributesExW
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
FlushFileBuffers
GetSystemWindowsDirectoryW
GetSystemDirectoryW
lstrcmpA
DeviceIoControl
InitializeSListHead
VirtualProtect
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
SetUnhandledExceptionFilter
CloseHandle
TerminateProcess
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetShortPathNameW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
GetLocalTime
ResumeThread
InterlockedCompareExchange
InterlockedExchange
GetTempFileNameW
RaiseException
DecodePointer
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
GetVersionExW
OpenFileMappingW
GetFileSizeEx
SetFilePointer
GetStringTypeW
FormatMessageW
TryEnterCriticalSection
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
EncodePointer
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
LocalFree
InterlockedIncrement
InterlockedDecrement
MulDiv
FreeResource
lstrcmpW
GetACP
ExitProcess
GetVersion
user32
PostMessageW
MonitorFromPoint
GetMessageW
DispatchMessageW
CreateWindowExW
IsChild
DestroyWindow
UpdateLayeredWindow
IsWindowVisible
IsZoomed
CharNextW
GetKeyState
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
CreateCaret
BringWindowToTop
SetCaretPos
ScreenToClient
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
GetParent
GetClassNameW
GetWindow
MonitorFromWindow
CharPrevW
DrawTextW
SetRect
DrawIconEx
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
SetPropW
GetPropW
LoadCursorW
wvsprintfW
SetCursor
InflateRect
OffsetRect
RemovePropW
IsIconic
SetWindowRgn
MessageBoxW
HideCaret
ShowCaret
ClientToScreen
GetSysColor
GetWindowDC
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
FillRect
IsWindowEnabled
MoveWindow
ShowWindow
IsWindow
AttachThreadInput
RegisterWindowMessageW
GetCaretBlinkTime
TranslateMessage
GetFocus
PostQuitMessage
LoadIconW
SendMessageW
LoadImageW
SetWindowLongW
SetActiveWindow
KillTimer
SetTimer
SystemParametersInfoW
GetWindowLongW
SetFocus
SetWindowPos
wsprintfW
EnumDisplayMonitors
GetMonitorInfoW
GetIconInfo
DestroyIcon
GetWindowThreadProcessId
FindWindowExW
FindWindowW
PtInRect
CopyRect
GetCursorPos
GetWindowRect
SetWindowTextW
ReleaseDC
GetDC
SetForegroundWindow
GetForegroundWindow
gdi32
SetWindowOrgEx
CombineRgn
CreateRectRgnIndirect
CreateRoundRectRgn
GetCharABCWidthsW
GetTextMetricsW
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SelectObject
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
SetDIBColorTable
TextOutW
ExtTextOutW
CreateDCW
SetDIBitsToDevice
CreateSolidBrush
SaveDC
RestoreDC
Rectangle
DeleteObject
GetStockObject
GetDIBits
GetDeviceCaps
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
SetBkMode
GetObjectW
GetClipBox
advapi32
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
OpenProcessToken
OpenThreadToken
AllocateAndInitializeSid
RegNotifyChangeKeyValue
RegEnumKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
QueryServiceStatus
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegGetValueW
GetTokenInformation
FreeSid
EqualSid
shell32
ord165
SHCreateItemFromParsingName
SHGetSpecialFolderPathW
SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
ord727
ord680
SHChangeNotify
ole32
CoCreateGuid
CoTaskMemFree
CoUninitialize
CoInitialize
OleUninitialize
CoCreateInstance
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
oleaut32
SysAllocString
SafeArrayCreate
SafeArrayPutElement
VariantInit
VariantClear
shlwapi
PathAddBackslashW
StrFormatByteSizeA
wnsprintfW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
PathCombineW
PathFindFileNameW
PathIsDirectoryW
StrTrimA
StrCmpNIW
SHSetValueA
SHGetValueA
StrCmpIW
SHAutoComplete
PathFindExtensionW
SHCreateStreamOnFileEx
StrFormatByteSizeW
ord487
SHDeleteKeyW
StrStrIW
StrStrIA
urlmon
URLDownloadToFileW
URLDownloadToCacheFileW
gdiplus
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipDrawImageRectI
GdipGetImagePixelFormat
GdipLoadImageFromFile
GdipCloneImage
GdipImageGetFrameDimensionsList
GdipSaveImageToStream
GdipGetPropertyItemSize
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipDrawEllipseI
GdipFree
GdipAlloc
GdipImageGetFrameCount
GdipDisposeImage
GdipImageSelectActiveFrame
GdipAddPathArc
GdipDrawImageRectRectI
GdipDrawImagePointsI
GdipFillPath
GdipGetPropertyItem
GdipCreateBitmapFromScan0
GdipCreatePen1
GdipGraphicsClear
GdipSetInterpolationMode
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipBitmapUnlockBits
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipAddPathArcI
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawRectangleI
GdipDrawPath
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
crypt32
CertGetNameStringW
wintrust
WinVerifyTrust
WTHelperProvDataFromStateData
comctl32
InitCommonControlsEx
ImageList_DrawEx
_TrackMouseEvent
ord17
msimg32
GradientFill
AlphaBlend
wininet
InternetGetConnectedState
iphlpapi
GetAdaptersInfo
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 289KB - Virtual size: 289KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 28KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 797KB - Virtual size: 796KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 150KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE