vncviewer[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

vncviewer.exe
Size

356KB
MD5

1e447b068d464b4d3bb9096ba2b7614f
SHA1

d2df05f9be5abc2f4bd10538280529e4507bdbbd
SHA256

7c9fbecc1c81cf501709029b0df80a201519acd6445fcc66ea66108919120e20
SHA512

347e30e6fae9f592b1cac9a48d823671f674d04f8ce6144a10b20c48e8b0e076a10078080a4929591e784cbf099a1ce8d9c4fc58a1b41b84a5b40eacae64b79b
SSDEEP

6144:Mxs/J32yTk0mkFNC555lLtsRSeL5ICvzwLcHADVOunBVGn:MIBFNaXf+75ICvAcHADVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vncviewer.exe

Files

vncviewer.exe
.exe windows:4 windows x86

e0d5575fd5da566b2c101de2b2e2dfda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

kernel32

GetModuleFileNameA
WriteConsoleA
OutputDebugStringA
GetStdHandle
AllocConsole
SetFilePointer
SetEndOfFile
FindNextFileA
GetVersionExA
GetLogicalDriveStringsA
DeleteFileA
SetFileTime
WriteFile
FindFirstFileA
GetPrivateProfileIntA
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
UnhandledExceptionFilter
GetDriveTypeA
FreeEnvironmentStringsA
InterlockedIncrement
InterlockedDecrement
GetCurrentDirectoryA
IsBadWritePtr
HeapReAlloc
HeapSize
VirtualFree
HeapCreate
VirtualAlloc
GetEnvironmentVariableA
SetLastError
HeapDestroy
SetUnhandledExceptionFilter
CreateThread
GetVersion
ExitThread
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
GetFileAttributesA
TerminateProcess
GetFullPathNameA
HeapAlloc
HeapFree
ExitProcess
RaiseException
InterlockedExchange
RtlUnwind
TlsGetValue
ResumeThread
GetCurrentProcess
GetCurrentThread
TlsAlloc
GetCurrentThreadId
TlsSetValue
DuplicateHandle
CreateSemaphoreA
SetThreadPriority
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
DeleteCriticalSection
GetEnvironmentStringsW
GetLastError
GetProcAddress
SetHandleCount
GetFileType
Sleep
IsBadCodePtr
MultiByteToWideChar
IsBadReadPtr
GetStringTypeW
GetCPInfo
GetStringTypeA
LCMapStringA
GetACP
GetOEMCP
LCMapStringW
CompareStringA
CompareStringW
FlushFileBuffers
CloseHandle
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringA
GetPrivateProfileStringA
Beep
ReadFile
CreateFileA
SetEnvironmentVariableA
SetStdHandle
FindClose
SetErrorMode

user32

SetClipboardViewer
GetDlgItemTextA
GetSystemMenu
SetDlgItemTextA
SetWindowTextA
EndDialog
DialogBoxParamA
CheckMenuItem
DrawMenuBar
AppendMenuA
GetWindowLongA
ShowWindow
CreateWindowExA
RegisterClassA
GetSysColorBrush
SetWindowPlacement
LoadCursorA
LoadIconA
SendMessageA
EnableMenuItem
SetForegroundWindow
GetMessageA
IsDialogMessageA
LoadKeyboardLayoutA
SetDlgItemInt
SetClassLongA
GetDlgCtrlID
GetKeyboardState
GetDlgItemInt
MapWindowPoints
DestroyAcceleratorTable
ToAscii
GetKeyState
OpenDesktopA
TranslateAcceleratorA
CreateAcceleratorTableA
FindWindowA
EnumDesktopWindows
CloseDesktop
TranslateMessage
GetClassNameA
PeekMessageA
EnableWindow
DispatchMessageA
GetWindowTextA
LoadImageA
CreateDialogParamA
GetDlgItem
GetSubMenu
DestroyIcon
DestroyMenu
TrackPopupMenu
GetMenuItemID
SetMenuDefaultItem
GetCursorPos
RegisterClassExA
LoadMenuA
EmptyClipboard
SetCursorPos
GetSystemMetrics
OpenClipboard
SetClipboardData
GetClipboardOwner
GetKeyboardLayoutNameA
GetClipboardData
CloseClipboard
EndPaint
SetScrollInfo
BeginPaint
GetForegroundWindow
SetTimer
PostMessageA
SetCursor
GetWindow
GetFocus
SetFocus
WindowFromPoint
ScreenToClient
MessageBoxA
ChangeClipboardChain
KillTimer
DestroyWindow
PostQuitMessage
DefWindowProcA
DrawTextA
ReleaseDC
GetDC
IsIconic
GetClientRect
ShowScrollBar
UpdateWindow
ScrollWindowEx
InvalidateRect
AdjustWindowRectEx
SystemParametersInfoA
SetRect
GetWindowPlacement
GetMenuState
GetWindowRect
SetWindowLongA
LoadStringA
SetWindowPos

gdi32

SetBkColor
UpdateColors
BitBlt
SetBkMode
CreatePalette
GdiFlush
CreateCompatibleDC
GetStockObject
GetDeviceCaps
CreateCompatibleBitmap
DeleteObject
SetTextColor
SelectObject
RealizePalette
ExtTextOutA
DeleteDC
StretchBlt
SelectPalette
GetClipBox
Rectangle
SetStretchBltMode
CreateFontIndirectA
SetPixelV
SetBrushOrgEx

comdlg32

GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA

advapi32

RegOpenKeyA
RegEnumValueA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyA
RegSetValueA
RegCreateKeyExA

shell32

Shell_NotifyIconA

wsock32

WSACleanup
accept
WSAStartup
inet_ntoa
listen
WSAAsyncSelect
send
bind
WSAGetLastError
shutdown
recv
setsockopt
socket
ioctlsocket
gethostbyname
htons
connect
getpeername
closesocket

comctl32

CreateToolbarEx
ord17

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0d5575fd5da566b2c101de2b2e2dfda

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

wsock32

comctl32

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 40KB - Virtual size: 42KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 40KB - Virtual size: 42KB

.rsrc
Size: 56KB - Virtual size: 52KB