Static task: static1
Behavioral task: behavioral1
Sample: Advanced_Ip_Scanner (6).exe
Resource: win7-20230831-en
General
Target: Advanced_Ip_Scanner (6).exe
Size: 8.4MB
MD5: 183276d2ea0740a8e92b3cff7abef725
SHA1: 515e0f80316ef008daf3d35cc151725f5f67d7b8
SHA256: cfc96915cf2b504d69b83ff89d3f961ce3c46ead4aca9145858d33fcfd662696
SHA512: a7d39260e5b55aa0343fc7423391a559fea1d323029b45a41c7cb420d76be63594ab74e3c988f0fa424ae8163ecbbefc1c2c6e37a48d9379ffdc477cea4c4016
SSDEEP: 98304:5fIn9nFaZ5f0OGX9AUWL/P+S0elictwj7Sz+2fRfNZD0I+8NnOCd8g39:5fIn9nFc50G+pelicW3SPftNlF98g39
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Advanced_Ip_Scanner (6).exe
Files
Advanced_Ip_Scanner (6).exe.exe windows:4 windows x86
0d37842317e412d1903c4dc7f43fc0ea
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentVariableA
SetErrorMode
lstrlenW
PeekNamedPipe
GetUserDefaultLCID
WaitForMultipleObjects
GetCPInfo
CancelIo
HeapFree
LoadResource
LocalFree
LoadLibraryExW
FreeResource
SetEndOfFile
GetTimeZoneInformation
GetModuleHandleW
GetLogicalDriveStringsW
GetShortPathNameW
GetPrivateProfileStringW
InterlockedExchange
GlobalLock
GetVersionExW
GetCurrentThreadId
Sleep
GetLocaleInfoW
CreateEventW
InterlockedExchangeAdd
ReadFile
LoadLibraryW
GetTempPathW
FindFirstFileW
EnterCriticalSection
FlushFileBuffers
ReadProcessMemory
SetThreadPriority
SetEvent
VerifyVersionInfoW
DisconnectNamedPipe
MoveFileW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
SetFilePointerEx
WideCharToMultiByte
CreateDirectoryW
GetFileTime
FindClose
GlobalFree
InitializeCriticalSection
GetCurrentThread
WaitForSingleObject
GetVersionExA
FreeLibrary
MulDiv
SetFilePointer
SetFileAttributesW
GetFileSizeEx
MoveFileExW
RemoveDirectoryW
VerSetConditionMask
CreateFileW
LeaveCriticalSection
FindNextFileW
GetTickCount
DeleteCriticalSection
ResetEvent
CloseHandle
WriteFile
LoadLibraryA
GetProcAddress
OpenProcess
GetFileAttributesW
GetModuleFileNameA
GetOverlappedResult
lstrlenA
CreateFileA
SetEnvironmentVariableA
ReleaseMutex
GetStdHandle
CreateThread
SetLastError
GetEnvironmentVariableW
SetUnhandledExceptionFilter
GetStartupInfoW
CreateMutexW
Process32FirstW
UnmapViewOfFile
GlobalMemoryStatusEx
GetFileAttributesA
MapViewOfFile
CreatePipe
GetCurrentDirectoryW
TerminateProcess
QueryPerformanceFrequency
LocalAlloc
RtlCaptureContext
GetCommandLineW
GetModuleFileNameW
lstrcpyW
SetFileTime
ResumeThread
CreateNamedPipeW
SuspendThread
ConnectNamedPipe
GetCurrentProcess
GetThreadContext
QueryPerformanceCounter
VirtualQuery
SetEnvironmentVariableW
CreateToolhelp32Snapshot
Process32NextW
GetDiskFreeSpaceExW
DuplicateHandle
SetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
ProcessIdToSessionId
ExitProcess
GetCurrentDirectoryA
GetComputerNameW
OpenFileMappingW
CreateFileMappingW
WaitNamedPipeW
GetSystemTime
GetSystemInfo
LockResource
GetACP
HeapAlloc
GetLastError
FileTimeToSystemTime
GetPrivateProfileIntW
GlobalAlloc
GetProcessHeap
GetCurrentProcessId
DeviceIoControl
GetPrivateProfileSectionNamesW
SizeofResource
GetDriveTypeW
FindResourceW
GlobalUnlock
GlobalHandle
CreateProcessW
DeleteFileW
CopyFileW
GetThreadPriority
GlobalSize
GetFileSize
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
RtlUnwind
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
HeapCreate
HeapDestroy
HeapReAlloc
VirtualAlloc
VirtualFree
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
TlsFree
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapSize
advapi32
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumValueW
AllocateAndInitializeSid
CheckTokenMembership
CryptEncrypt
GetSidLengthRequired
SetSecurityDescriptorDacl
CryptCreateHash
GetAce
InitializeAcl
CryptDeriveKey
RegSetValueExW
GetSidSubAuthority
RegDeleteKeyW
SetFileSecurityW
RegDeleteValueW
CryptDuplicateKey
AddAccessAllowedAce
InitializeSecurityDescriptor
CryptAcquireContextW
CryptDestroyHash
CryptHashData
InitializeSid
RegSetKeySecurity
CryptDestroyKey
CryptDecrypt
DuplicateTokenEx
FreeSid
OpenProcessToken
GetUserNameW
comdlg32
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
ChooseColorW
gdi32
CreateDIBSection
SetTextAlign
SetViewportExtEx
SetViewportOrgEx
SetPixel
GetTextMetricsA
SetDCBrushColor
GetBitmapBits
SetWindowExtEx
CreateBrushIndirect
IntersectClipRect
CombineRgn
ExtTextOutW
GetTextCharset
SelectClipRgn
GetDIBits
GetWindowExtEx
GetObjectA
GetClipBox
GetViewportExtEx
SetBitmapBits
CreateRectRgnIndirect
SetDIBits
GetTextExtentPoint32W
Polygon
SetDIBitsToDevice
CreateRoundRectRgn
TextOutW
SetTextColor
StretchBlt
CreatePen
LineTo
SetBkMode
GetObjectW
GetStockObject
SetStretchBltMode
CreateSolidBrush
BitBlt
PolyPolyline
SetBkColor
CreateFontIndirectW
CreateCompatibleBitmap
Polyline
MoveToEx
GetRgnBox
CreateRectRgn
SelectObject
SetBrushOrgEx
CreatePatternBrush
CreateBitmap
GetBkMode
GetTextMetricsW
DeleteDC
GetCurrentObject
CreateCompatibleDC
CreateFontW
DeleteObject
GetRegionData
PolyDraw
CreateDIBitmap
GetDeviceCaps
PtInRegion
ole32
StringFromCLSID
CoResumeClassObjects
CoGetMalloc
CoCreateInstance
CLSIDFromString
CoRegisterClassObject
CoAddRefServerProcess
CreateStreamOnHGlobal
CoRevokeClassObject
CoInitialize
CoTaskMemAlloc
CoUninitialize
CoCreateGuid
CoInitializeSecurity
CoSetProxyBlanket
PropVariantClear
CoTaskMemFree
oleaut32
OleLoadPicturePath
VariantClear
SysFreeString
VariantInit
OleLoadPicture
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
SysStringByteLen
shell32
ShellExecuteExW
ShellExecuteA
SHParseDisplayName
SHGetDesktopFolder
ord155
DragQueryFileW
DragAcceptFiles
SHCreateShellItem
DragFinish
ord680
SHGetMalloc
SHEmptyRecycleBinW
SHGetPathFromIDListW
SHGetFolderPathW
ShellExecuteW
DragQueryPoint
SHChangeNotify
CommandLineToArgvW
SHBrowseForFolderW
Shell_NotifyIconW
shlwapi
StrCmpLogicalW
SHDeleteEmptyKeyW
PathCompactPathExW
SHDeleteKeyW
user32
GetFocus
DestroyWindow
MapWindowPoints
EmptyClipboard
CloseClipboard
CopyImage
SetWindowLongW
GetClientRect
IsWindowEnabled
EndPaint
DestroyMenu
RegisterClassW
InvalidateRect
SetActiveWindow
SendDlgItemMessageW
GetAsyncKeyState
CreateDialogIndirectParamW
SetDlgItemInt
DeleteMenu
GetWindowRect
ScrollWindowEx
CreateWindowExW
EnableMenuItem
GetScrollInfo
KillTimer
LoadImageW
SetScrollInfo
ScreenToClient
DrawTextW
IsWindow
GetUpdateRgn
IsIconic
ModifyMenuW
GetParent
GetDlgItemInt
MoveWindow
SetMenuItemInfoW
GetDC
PtInRect
InsertMenuItemW
ReleaseDC
GetWindowPlacement
GetScrollBarInfo
RedrawWindow
GetClassNameW
SetWindowsHookExW
GetDesktopWindow
ShowWindow
ClientToScreen
GetMenuItemInfoW
GetActiveWindow
GetForegroundWindow
IsClipboardFormatAvailable
GetCursor
CheckDlgButton
SetCapture
IsDlgButtonChecked
FlashWindowEx
WindowFromPoint
GetAncestor
CallNextHookEx
GetKeyNameTextW
OffsetRect
GetWindowWord
GetDlgItemTextW
DialogBoxIndirectParamW
GetClipboardFormatNameW
EnumDisplaySettingsW
ValidateRect
DrawIconEx
MapDialogRect
MonitorFromWindow
EnumThreadWindows
SetMenuInfo
GetUpdateRect
MsgWaitForMultipleObjects
GetIconInfo
DrawStateW
EqualRect
LoadStringW
GetClassNameA
SetClipboardData
GetSysColorBrush
EndDialog
RemovePropW
GetSysColor
ShowScrollBar
GetWindowTextW
BeginDeferWindowPos
SetWindowWord
SetDlgItemTextW
GetWindow
PostQuitMessage
InflateRect
DeferWindowPos
GetPriorityClipboardFormat
DestroyCursor
CallWindowProcW
GetMonitorInfoW
GetKeyboardState
GetWindowThreadProcessId
GetSubMenu
MapVirtualKeyW
GetComboBoxInfo
WindowFromDC
AdjustWindowRectEx
SetForegroundWindow
EndMenu
AttachThreadInput
DrawEdge
EnumWindows
EndDeferWindowPos
GetMenuInfo
EnumChildWindows
LoadIconW
RegisterClipboardFormatW
keybd_event
GetClassInfoW
FindWindowW
GetMenuBarInfo
MonitorFromPoint
PeekMessageW
IsWindowVisible
SetMenu
GetWindowTextLengthW
CountClipboardFormats
InvalidateRgn
GetMenuItemCount
EnumDisplayMonitors
GetNextDlgGroupItem
SetWindowPlacement
wsprintfW
IsCharAlphaW
FindWindowExW
RegisterDeviceNotificationW
UnregisterDeviceNotification
SetMenuDefaultItem
EnumDisplayDevicesW
GetCursorInfo
SetWindowPos
TranslateMessage
AllowSetForegroundWindow
CheckMenuRadioItem
SetWindowTextW
RemoveMenu
SetPropW
GetKeyState
InsertMenuW
AppendMenuW
GetClipboardData
GetWindowDC
GetWindowLongW
DrawFocusRect
SetFocus
WaitForInputIdle
SetMenuItemBitmaps
IsDialogMessageW
IsZoomed
SetClassLongW
DestroyIcon
CreateDialogParamW
SystemParametersInfoW
SetTimer
FrameRect
CheckMenuItem
DialogBoxParamW
SetCursor
GetDlgItem
EnableWindow
LoadCursorW
ReleaseCapture
FillRect
GetMessageW
OpenClipboard
GetCapture
CreatePopupMenu
UnhookWindowsHookEx
GetSystemMetrics
SendMessageW
TrackPopupMenu
PostMessageW
SetWindowRgn
DispatchMessageW
BeginPaint
DefWindowProcW
GetPropW
UpdateWindow
GetMenu
GetDlgCtrlID
MessageBoxW
winmm
waveInReset
midiStreamOpen
midiInGetNumDevs
mixerGetID
waveInClose
waveInOpen
midiInClose
waveOutUnprepareHeader
waveOutGetDevCapsW
waveInAddBuffer
waveOutSetVolume
waveInGetDevCapsW
midiStreamRestart
waveOutClose
waveInPrepareHeader
waveInMessage
midiStreamOut
midiInStart
waveOutRestart
waveInStart
waveOutPause
waveOutReset
mixerGetLineInfoW
midiInGetDevCapsW
waveInUnprepareHeader
waveOutPrepareHeader
midiOutGetNumDevs
waveInGetNumDevs
midiOutGetDevCapsW
waveOutOpen
waveOutWrite
midiOutPrepareHeader
waveInStop
midiInStop
midiStreamStop
midiOutShortMsg
midiOutUnprepareHeader
midiStreamProperty
midiStreamClose
waveOutGetPosition
midiStreamPause
midiInOpen
waveOutGetNumDevs
msimg32
AlphaBlend
GradientFill
TransparentBlt
wininet
InternetQueryOptionA
InternetGetConnectedState
crypt32
CertFreeCertificateContext
CertCloseStore
CertVerifySubjectCertificateContext
CryptQueryObject
CertFindCertificateInStore
Sections
.text Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 648KB - Virtual size: 647KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 590KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.stls Size: 512B - Virtual size: 88B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 253KB - Virtual size: 253KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Erot Size: 857KB - Virtual size: 857KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.corinne Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.gilliga Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ