RemoteControl3[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

RemoteControl3.exe
Size

2.1MB
MD5

8f2cf2d8bce20522ad3b0e8c60188c29
SHA1

4fb36d60ec6c0923f1987cf954ecf84fa2a14438
SHA256

8a6b4df727bf50b7fb950367245d95e0b94b1ad36b1a70857f3736847ec5f08e
SHA512

bbcf044a50d9c66808d377aac199002f6a108e7f468281b389672622bda6731e02b9a9f9013eafbe1299247e142fb5f1d20bcf75d9a488d16ae2953d635bdbee
SSDEEP

49152:2HOijcMzPUbXhZZV2Y0kEpgkn9llt84T3JsKxNA74P/:8zPWZZV2Y0kEpgkn9llt8ksmA74P/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
RemoteControl3.exe

Files

RemoteControl3.exe
.exe windows:4 windows x86 arch:x86

c33fd87ca920e71910cdea09a57bd4e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetClipBox
GetStockObject
SelectObject

iphlpapi

GetAdaptersInfo

kernel32

CloseHandle
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetTempPathA
GetTickCount
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalLock
GlobalSize
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

_fdopen
_getcwd
_lseek
_mkdir
_read
_setmode
_stat
_strdup
_unlink
_utime
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_filbuf
_flsbuf
_fstat64
_iob
_onexit
_setmode
abort
atexit
atoi
atol
calloc
ctime
exit
fclose
fflush
fgetc
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getwc
iswctype
localeconv
localtime
malloc
memchr
memcmp
memcpy
memmove
memset
perror
pow
putwc
raise
rand
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strtod
strtoul
strxfrm
time
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
vsprintf
wcscoll
wcsftime
wcslen
wcsxfrm

ole32

CoTaskMemAlloc
CoTaskMemFree
DoDragDrop
OleInitialize
OleUninitialize

shell32

DragAcceptFiles
DragQueryFileA
DragQueryPoint
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

user32

ChildWindowFromPoint
CreateIconIndirect
FillRect
GetCursorPos
GetDC
ReleaseDC
ScreenToClient
WindowFromPoint

winmm

PlaySoundA

wsock32

WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
gethostname
getsockname
htons
inet_addr
inet_ntoa
ioctlsocket
listen
recv
recvfrom
select
send
sendto
setsockopt
socket

libgdk-win32-2.0-0

gdk_color_parse
gdk_cursor_new
gdk_window_set_cursor
gdk_window_get_root_origin
gdk_window_get_toplevel
gdk_atom_name
gdk_event_get_time
gdk_win32_drawable_get_handle
gdk_window_add_filter
gdk_drawable_get_colormap
gdk_pixbuf_render_pixmap_and_mask_for_colormap

libgdk_pixbuf-2.0-0

gdk_pixbuf_get_width
gdk_pixbuf_scale_simple
gdk_pixbuf_new_from_file_utf8
gdk_pixbuf_get_height
gdk_pixbuf_get_has_alpha
gdk_pixbuf_get_pixels
gdk_pixbuf_get_rowstride

libglib-2.0-0

g_strdup
g_timeout_add
g_list_append
g_list_free
g_return_if_fail_warning
g_assertion_message_expr
g_malloc0_n
g_free
g_slist_nth_data
g_slist_length
g_slist_free
g_filename_from_uri_utf8
g_utf8_validate
g_locale_from_utf8
g_error_free

libgobject-2.0-0

g_type_check_instance_cast
g_signal_connect_data
g_object_set
g_type_class_peek_parent
g_type_check_instance_is_a
g_type_register_static
g_type_add_interface_static
g_value_init
g_object_new
g_object_get
g_object_unref
g_signal_stop_emission_by_name
g_value_set_int
g_value_set_object
g_value_set_string
g_object_ref

libgtk-win32-2.0-0

gtk_set_locale
gtk_init_abi_check
gtk_window_get_type
gtk_window_set_icon
gtk_main
gtk_window_new
gtk_widget_set_name
gtk_object_get_type
gtk_object_set_data
gtk_window_set_title
gtk_window_set_position
gtk_window_set_default_size
gtk_window_set_policy
gtk_vbox_new
gtk_widget_ref
gtk_widget_unref
gtk_object_set_data_full
gtk_widget_show
gtk_container_get_type
gtk_container_add
gtk_frame_new
gtk_container_set_border_width
gtk_box_get_type
gtk_box_pack_start
gtk_hbox_new
gtk_label_new
gtk_widget_set_usize
gtk_misc_get_type
gtk_misc_set_alignment
gtk_entry_new
gtk_box_pack_end
gtk_combo_new
gtk_combo_get_type
gtk_combo_set_popdown_strings
gtk_entry_get_type
gtk_entry_set_text
gtk_label_get_type
gtk_label_set_justify
gtk_entry_set_visibility
gtk_check_button_new_with_label
gtk_toggle_button_get_type
gtk_toggle_button_set_active
gtk_hbutton_box_new
gtk_button_box_get_type
gtk_button_box_set_layout
gtk_box_set_spacing
gtk_button_box_set_child_size
gtk_button_box_set_child_ipadding
gtk_button_new_from_stock
gtk_signal_connect_full
gtk_main_quit
gtk_hpaned_new
gtk_paned_get_type
gtk_paned_set_position
gtk_scrolled_window_new
gtk_paned_pack1
gtk_scrolled_window_get_type
gtk_scrolled_window_set_policy
gtk_scrolled_window_set_shadow_type
gtk_tree_model_get_type
gtk_tree_view_new_with_model
gtk_tree_view_get_type
gtk_tree_view_set_enable_search
gtk_tree_view_set_fixed_height_mode
gtk_cell_renderer_pixbuf_new
gtk_tree_view_column_new_with_attributes
gtk_tree_view_column_set_fixed_width
gtk_tree_view_column_set_sizing
gtk_tree_view_column_set_sort_column_id
gtk_tree_view_append_column
gtk_cell_renderer_text_new
gtk_tree_view_column_set_resizable
gtk_tree_view_column_set_alignment
gtk_tree_sortable_get_type
gtk_tree_sortable_set_sort_column_id
gtk_tree_view_get_selection
gtk_paned_pack2
gtk_entry_set_editable
gtk_text_view_new
gtk_text_view_get_type
gtk_text_view_set_left_margin
gtk_text_view_set_right_margin
gtk_text_view_set_wrap_mode
gtk_text_view_set_editable
gtk_text_view_set_cursor_visible
gtk_button_new_with_label
gtk_fixed_new
gtk_image_new_from_file_utf8
gtk_fixed_get_type
gtk_fixed_put
gtk_event_box_new
gtk_widget_set_events
gtk_widget_modify_bg
gtk_event_box_get_type
gtk_event_box_set_visible_window
gtk_image_new
gtk_image_get_type
gtk_image_set_from_pixbuf
gtk_widget_modify_fg
gtk_widget_modify_font
gtk_widget_set_size_request
gtk_notebook_new
gtk_notebook_get_type
gtk_notebook_set_scrollable
gtk_menu_bar_new
gtk_menu_item_new_with_label
gtk_menu_new
gtk_menu_item_get_type
gtk_menu_item_set_submenu
gtk_menu_get_type
gtk_notebook_set_tab_detachable
gtk_notebook_set_tab_reorderable
gtk_widget_modify_base
gtk_widget_modify_text
gtk_notebook_get_nth_page
gtk_notebook_set_tab_label_text
gtk_rc_parse_string
gtk_tree_selection_set_mode
gtk_notebook_set_tab_label
gtk_misc_set_padding
gtk_combo_box_new_text
gtk_combo_box_get_type
gtk_combo_box_append_text
gtk_vpaned_new
gtk_widget_grab_focus
gtk_scrolled_window_get_hadjustment
gtk_scrolled_window_get_vadjustment
gtk_text_view_get_buffer
gtk_list_store_new
gtk_tree_view_set_headers_visible
gtk_tree_store_new
gtk_tree_view_column_new
gtk_tree_view_set_expander_column
gtk_object_set
gtk_tree_view_column_pack_start
gtk_tree_view_column_set_attributes
gtk_tree_view_column_set_title
gtk_target_list_new
gtk_widget_realize
gtk_drag_dest_set
gtk_menu_item_new
gtk_widget_set_sensitive
gtk_file_selection_new
gtk_file_selection_get_type
gtk_combo_box_set_active
gtk_table_new
gtk_table_get_type
gtk_table_set_row_spacings
gtk_table_attach
gtk_clist_new
gtk_clist_get_type
gtk_clist_set_column_width
gtk_clist_set_selection_mode
gtk_clist_column_titles_hide
gtk_clist_set_column_widget
gtk_label_set_line_wrap
gtk_tree_path_new
gtk_tree_path_append_index
gtk_tree_sortable_sort_column_changed
gtk_tree_path_get_indices
gtk_tree_path_get_depth
gtk_tree_model_row_inserted
gtk_tree_path_free
gtk_tree_model_rows_reordered
gtk_tree_model_row_changed
gtk_tree_model_row_deleted
gtk_widget_get_type
gtk_widget_get_toplevel
gtk_widget_destroy
gtk_file_selection_get_filename_utf8
gtk_widget_hide
gtk_tree_selection_get_selected
gtk_window_set_urgency_hint
gtk_tree_view_get_path_at_pos
gtk_tree_selection_path_is_selected
gtk_tree_selection_selected_foreach
gtk_menu_popup
gtk_tree_selection_unselect_all
gtk_tree_selection_select_path
gtk_tree_model_get_iter_from_string
gtk_window_get_position
gtk_window_get_title
gtk_notebook_get_current_page
gtk_notebook_get_tab_label_text
gtk_text_buffer_get_end_iter
gtk_text_buffer_create_mark
gtk_text_view_scroll_to_mark
gtk_text_buffer_delete_mark
gtk_text_view_window_to_buffer_coords
gtk_text_view_get_iter_at_location
gtk_text_iter_get_tags
gtk_text_tag_get_type
gtk_tree_selection_get_tree_view
gtk_tree_model_get
gtk_tree_view_get_model
gtk_tree_model_get_iter
gtk_tree_view_get_column
gtk_tree_view_column_cell_get_size
gtk_drag_check_threshold
gtk_file_selection_set_filename_utf8
gtk_tree_path_new_from_string
gtk_tree_view_set_cursor_on_cell
gtk_main_iteration
gtk_events_pending
gtk_object_get_data
gtk_toggle_button_get_active
gtk_editable_delete_text
gtk_signal_emit_by_name
gtk_widget_get_size_request
gtk_image_get_pixbuf
gtk_fixed_move
gtk_drag_set_icon_pixbuf
gtk_selection_data_set
gtk_selection_data_set_uris
gtk_drag_finish
gtk_text_buffer_get_insert
gtk_text_buffer_get_bounds
gtk_text_buffer_get_text
gtk_text_buffer_get_iter_at_offset
gtk_text_iter_get_line
gtk_tree_model_get_iter_first
gtk_tree_model_iter_next
gtk_text_buffer_set_text
gtk_window_present
gtk_entry_get_text
gtk_text_buffer_insert
gtk_list_store_set
gtk_text_view_get_iter_location
gtk_text_view_get_visible_rect
gtk_text_iter_get_offset
gtk_combo_box_get_active
gtk_combo_box_get_active_text
gtk_list_store_get_type
gtk_combo_box_get_model
gtk_list_store_clear
gtk_text_buffer_get_iter_at_mark
gtk_label_set_text
gtk_window_set_focus
gtk_window_move
gtk_tree_view_set_model
gtk_tree_sortable_get_sort_column_id
gtk_list_store_append
gtk_text_buffer_create_tag
gtk_text_buffer_apply_tag
gtk_tree_store_append
gtk_tree_store_set
gtk_tree_store_clear
gtk_frame_get_type
gtk_frame_set_label
gtk_clist_clear
gtk_clist_append
gtk_editable_get_type
gtk_editable_set_position
gtk_text_buffer_place_cursor
gtk_text_buffer_move_mark_by_name
gtk_text_view_scroll_to_iter
gtk_container_remove
gtk_notebook_page_num
gtk_notebook_set_current_page
gtk_notebook_get_n_pages
gtk_notebook_remove_page
gtk_widget_get_name
gtk_text_buffer_insert_pixbuf
gtk_widget_is_toplevel
gtk_window_is_active
gtk_adjustment_get_lower
gtk_adjustment_set_value
gtk_text_buffer_get_char_count
gtk_text_buffer_get_line_count
gtk_text_buffer_get_iter_at_line
gtk_text_iter_backward_char
gtk_notebook_insert_page

libgtksourceview-2.0-0

gtk_source_buffer_begin_not_undoable_action
gtk_source_buffer_end_not_undoable_action
gtk_source_buffer_new_with_language
gtk_source_buffer_set_highlight_matching_brackets
gtk_source_buffer_set_highlight_syntax
gtk_source_buffer_set_style_scheme
gtk_source_language_manager_get_default
gtk_source_language_manager_guess_language
gtk_source_language_manager_set_search_path
gtk_source_style_scheme_manager_append_search_path
gtk_source_style_scheme_manager_get_default
gtk_source_style_scheme_manager_get_scheme
gtk_source_view_get_type
gtk_source_view_new_with_buffer
gtk_source_view_set_auto_indent
gtk_source_view_set_insert_spaces_instead_of_tabs
gtk_source_view_set_show_line_numbers
gtk_source_view_set_smart_home_end
gtk_source_view_set_tab_width

libpango-1.0-0

pango_font_description_from_string
pango_font_description_free

Sections

.text
Size: 957KB - Virtual size: 957KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 250KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c33fd87ca920e71910cdea09a57bd4e3

Headers

File Characteristics

Imports

advapi32

gdi32

iphlpapi

kernel32

msvcrt

ole32

shell32

user32

winmm

wsock32

libgdk-win32-2.0-0

libgdk_pixbuf-2.0-0

libglib-2.0-0

libgobject-2.0-0

libgtk-win32-2.0-0

libgtksourceview-2.0-0

libpango-1.0-0

Sections

.text Size: 957KB - Virtual size: 957KB

.data Size: 28KB - Virtual size: 28KB

.rdata Size: 108KB - Virtual size: 108KB

/4 Size: 181KB - Virtual size: 181KB

.bss Size: - Virtual size: 250KB

.idata Size: 18KB - Virtual size: 18KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1024B - Virtual size: 944B

/14 Size: 512B - Virtual size: 216B

/29 Size: 38KB - Virtual size: 37KB

/41 Size: 4KB - Virtual size: 4KB

/55 Size: 11KB - Virtual size: 11KB

/67 Size: 512B - Virtual size: 202B

/78 Size: 51KB - Virtual size: 50KB

/89 Size: 6KB - Virtual size: 5KB

.text
Size: 957KB - Virtual size: 957KB

.data
Size: 28KB - Virtual size: 28KB

.rdata
Size: 108KB - Virtual size: 108KB

/4
Size: 181KB - Virtual size: 181KB

.bss
Size: - Virtual size: 250KB

.idata
Size: 18KB - Virtual size: 18KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 944B

/14
Size: 512B - Virtual size: 216B

/29
Size: 38KB - Virtual size: 37KB

/41
Size: 4KB - Virtual size: 4KB

/55
Size: 11KB - Virtual size: 11KB

/67
Size: 512B - Virtual size: 202B

/78
Size: 51KB - Virtual size: 50KB

/89
Size: 6KB - Virtual size: 5KB