725e5ed8fa34e7c5928b22e09b8bf23bc8af5d4b8324d56e036a493e6068360d

Sharing

Copy URL

Twitter E-mail

General

Target

725e5ed8fa34e7c5928b22e09b8bf23bc8af5d4b8324d56e036a493e6068360d
Size

1014KB
MD5

7c1c2781f12e084f0e4468419c61a06a
SHA1

918b45fd4c8ddd19fa39821f38c3934484ff940e
SHA256

725e5ed8fa34e7c5928b22e09b8bf23bc8af5d4b8324d56e036a493e6068360d
SHA512

d0cb82c741cb2c3d792f65605aa9cc5f6534bd42d4a8f0883f315209ddc1c3e516acf307598400a32d1b50d01ce249479f5def7f5b1d5d2eb92996521893faa3
SSDEEP

24576:u/Eo/ybgHfWT7CkDjbe5KveqT/G6TbZq:2Ou27/jbekT+6M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
725e5ed8fa34e7c5928b22e09b8bf23bc8af5d4b8324d56e036a493e6068360d

Files

725e5ed8fa34e7c5928b22e09b8bf23bc8af5d4b8324d56e036a493e6068360d
.exe windows:5 windows x86

b55227ede274e71926d82329254c247b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
htonl
inet_ntoa
ntohl
htons
WSAGetLastError
select
closesocket
send
recv
socket
gethostbyname
connect

vnetciu

VNCIU_StreamPlay
VNCIU_UserLogin
VNCIU_UserLogout
VNCIU_FileUploadControl
VNCIU_FileUploadDisconnect
VNCIU_FileUploadConnect
VNCIU_FileUploadCB
VNCIU_GetConfig
VNCIU_DeviceIsOnline
VNCIU_SetConfig
VNCIU_VoiceStreamConnect
VNCIU_FileDownloadConnect
VNCIU_FileDownloadCB
VNCIU_FileDownloadControl
VNCIU_FileDownloadDisconnect
VNCIU_StartUp
VNCIU_SetAttribute
VNCIU_CleanUp
VNCIU_StreamMediaControl
VNCIU_VoiceStreamDisconnect
VNCIU_StreamStop
VNCIU_RealStreamConnect
VNCIU_StreamOpenEx
VNCIU_StreamSetAIOverlayEnable
VNCIU_DeviceControl
VNCIU_RealStreamDisconnect

videonetclient

VideoNetClient_DeviceProbeStartV3
VideoNetClient_DeviceProbeRefreshV2
VideoNetClient_DeviceProbeRefresh
VideoNetClient_DeviceProbeSetConfig
VideoNetClient_SuperUserLogin
VNCLIENT_API_DeviceProbeGetConfig
VideoNetClient_DeviceProbeStopV2

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

configuration_ui_based_zwallinone

?Init@CCommonComandSender@@QAEXPAU_CUI_LOGIN_PARAM@@@Z
??1CCommonComandSender@@QAE@XZ
ShowSettingsWindow
SetDefaultSettingsPage
LoadLibraryAndInitFunction
ConfigurationUISetLoginparam
InitLowLevelFunction
?Set@CCommonComandSender@@QAEHW4eCUICommandConfig@@HHPBDPAXPAHW4eCUIConfigDirection@@@Z
CGITimeZoneStringToSeconds
?Get@CCommonComandSender@@QAEHW4eCUICommandConfig@@HHPBDPAXPAH@Z
??0CCommonComandSender@@QAE@XZ

libcurl

curl_slist_free_all
curl_easy_cleanup
curl_easy_perform
curl_easy_setopt
curl_easy_init
curl_slist_append
curl_global_cleanup
curl_global_init
curl_easy_getinfo

kernel32

FindNextFileW
FindClose
WritePrivateProfileStringW
ReleaseMutex
GetVersionExW
SetLastError
LoadLibraryW
GetModuleHandleW
GetProcAddress
GlobalReAlloc
MulDiv
GetTickCount
InterlockedDecrement
FreeLibrary
LocalFree
FormatMessageW
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
CompareStringA
lstrcmpA
EnumResourceLanguagesW
ReadFile
GetCurrentThread
GetModuleHandleA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetThreadLocale
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
HeapReAlloc
GetPrivateProfileStringW
RaiseException
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetFileSize
WriteFile
TerminateProcess
CopyFileW
GetWindowsDirectoryW
GetModuleFileNameW
SetUnhandledExceptionFilter
CreateMutexW
ExitProcess
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
GetLongPathNameW
GetTempPathW
InterlockedIncrement
WideCharToMultiByte
lstrlenW
Sleep
GetLastError
MultiByteToWideChar
lstrlenA
FreeResource
GlobalFree
GlobalUnlock
FormatMessageA
LockResource
GlobalLock
GlobalAlloc
SizeofResource
LoadResource
FindResourceW
HeapFree
GetProcessHeap
HeapAlloc
WaitForSingleObject
CloseHandle
SetEvent
InterlockedExchange
CreateThread
CreateEventW
FindFirstFileW
GetCurrentDirectoryW
RtlUnwind
GetLocaleInfoW
ConvertDefaultLocale

user32

SetFocus
SetWindowPos
GetWindowTextW
GetWindowTextLengthW
GetWindowPlacement
SystemParametersInfoA
OffsetRect
GetMenu
CallWindowProcW
SetWindowPlacement
EqualRect
RegisterClassW
GetClassInfoExW
CreateWindowExW
SetMenu
TrackPopupMenu
MapWindowPoints
PeekMessageW
GetMessageTime
GetTopWindow
DispatchMessageW
GetForegroundWindow
RemovePropW
GetClassNameW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
IsChild
WinHelpW
SendDlgItemMessageA
RegisterWindowMessageW
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
ValidateRect
TranslateMessage
GetMessageW
GetWindowThreadProcessId
DestroyMenu
BeginPaint
EndPaint
CharUpperW
RegisterClipboardFormatW
UnregisterClassW
GetSysColorBrush
MoveWindow
MessageBeep
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageW
GetSysColor
RedrawWindow
AdjustWindowRectEx
GetDlgItemTextA
GetWindowDC
ScreenToClient
GetMessagePos
GetParent
wsprintfW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
LoadMenuW
MessageBoxW
KillTimer
DrawIcon
GetSystemMetrics
SetPropW
GetWindowRect
DeleteMenu
GetSubMenu
CheckMenuItem
DrawMenuBar
SetMenuItemInfoW
SendMessageW
LoadIconW
GetLastActivePopup
SetForegroundWindow
ShowWindow
IsIconic
GetPropW
IsWindow
GetDesktopWindow
GetWindow
EnableWindow
PostMessageW
SetDlgItemTextA
GetClientRect
ReleaseDC
GetDC
UpdateWindow
InvalidateRect
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
SetActiveWindow
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
UnhookWindowsHookEx
WindowFromPoint
ClientToScreen
CopyRect
IsWindowVisible
IsRectEmpty
GrayStringW
DrawTextExW
TabbedTextOutW
ReleaseCapture
GetCapture
SetCapture
PtInRect
GetFocus
GetCursorPos
GetKeyState
IntersectRect
DefWindowProcW
GetClassInfoW
SetRect
LoadCursorW
SetCursor
DrawTextW
SetTimer

gdi32

GetMapMode
GetStockObject
ExtSelectClipRgn
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextColor
DeleteDC
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
GetTextExtentPoint32W
GetObjectW
GetDeviceCaps
GetBkColor
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetMapMode
CreateCompatibleDC

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
ord12
PathRemoveFileSpecW
PathIsUNCW

oledlg

OleUIBusyW

ole32

StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString

oleaut32

OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString

gdiplus

GdipCloneImage
GdipLoadImageFromStream
GdipLoadImageFromFile
GdipDrawImageRectI
GdipSetSmoothingMode
GdipGetImageWidth
GdipGetImageVerticalResolution
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromScan0
GdipGetImageHorizontalResolution
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipSaveImageToFile
GdipSetInterpolationMode
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapSetResolution
GdipSetCompositingMode

dbghelp

MiniDumpWriteDump

iphlpapi

GetAdaptersInfo
SendARP

Sections

.text
Size: 626KB - Virtual size: 626KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b55227ede274e71926d82329254c247b

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

vnetciu

videonetclient

version

configuration_ui_based_zwallinone

libcurl

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

dbghelp

iphlpapi

Sections

.text Size: 626KB - Virtual size: 626KB

.rdata Size: 155KB - Virtual size: 155KB

.data Size: 27KB - Virtual size: 48KB

.rsrc Size: 142KB - Virtual size: 142KB

.reloc Size: 61KB - Virtual size: 61KB

.text
Size: 626KB - Virtual size: 626KB

.rdata
Size: 155KB - Virtual size: 155KB

.data
Size: 27KB - Virtual size: 48KB

.rsrc
Size: 142KB - Virtual size: 142KB

.reloc
Size: 61KB - Virtual size: 61KB