PortScan[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

PortScan.exe
Size

676KB
MD5

6cae91d64edcca814a39cb7abe0301c5
SHA1

b090f1cddeb7fabcbe530a2c15d852df24a6fe66
SHA256

dfc5c28f35828b2cac572cb7b41bf44c4d37fd1a4ac96d14b9c7c23b6bf08526
SHA512

eb01c732ec25c95257b802ca88e6f58820b6f765029d021f6bb026a06ddf6f96117960330e23cc1c857189c9a7df217e130ad3963a212300118afbee31ffa12c
SSDEEP

12288:ymdjFCID9sQnX4t7PHZB+/5j2VpjxxbsThxVseW++3xE:JUID+QnX4t7PHZajKjxxbGxVseWlh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PortScan.exe

Files

PortScan.exe
.exe windows:4 windows x86 arch:x86

ddd500bfb5408017b75fb9e33dafd58e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentThreadId
GetLastError
GetModuleHandleA
MoveFileA
GetLocaleInfoA
WriteFile
CreateFileA
GetModuleFileNameA
LocalFree
LocalAlloc
GetCurrentDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceExA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcessHeap
HeapFree
GetFileAttributesA
SetErrorMode
GetFileSize
FindClose
FindFirstFileA
GetTempPathA
ExpandEnvironmentStringsA
GetCurrentProcess
GetSystemDirectoryA
GetWindowsDirectoryA
SetFileAttributesA
CreateDirectoryA
FindNextFileA
WritePrivateProfileStringA
DeleteFileA
ReadFile
FlushFileBuffers
UnmapViewOfFile
CloseHandle
GetFileInformationByHandle
SetEndOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
SetFileTime
CreateThread
TerminateThread
GetExitCodeThread
FormatMessageA
CreateEventA
SetEvent
ResetEvent
WaitForMultipleObjectsEx
WaitForSingleObject
GetLocalTime
GetCommandLineA
GetThreadSelectorEntry
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentProcessId
GetVersionExA
LoadLibraryA
FreeLibrary
GetProcAddress
OpenProcess
GetPrivateProfileStringA
Sleep
TerminateProcess
GetSystemTime
SystemTimeToFileTime
GetDateFormatA
GetTimeFormatA
GetSystemDefaultLangID
GetUserDefaultLangID
GetVolumeInformationA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetEnvironmentVariableA
QueryPerformanceFrequency
QueryPerformanceCounter
lstrcpyA
GetTimeZoneInformation
GetVersion
GetFullPathNameA
SetVolumeLabelA
GetDriveTypeA
GetFileTime
FileTimeToDosDateTime
RtlUnwind
GetStartupInfoA
ExitProcess
HeapReAlloc
HeapAlloc
RaiseException
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
CompareStringA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
InterlockedIncrement
GetTickCount
InterlockedDecrement
MultiByteToWideChar
GetThreadLocale
GetStringTypeExA
CompareStringW
WideCharToMultiByte
lstrlenA
CreateSemaphoreA
ReleaseSemaphore
SetUnhandledExceptionFilter
ExitThread
SetFilePointer

user32

GetDlgCtrlID
EndPaint
DrawFocusRect
DrawTextA
BeginPaint
ReleaseDC
GetDC
GetSysColorBrush
GetSysColor
PtInRect
GetCursorPos
DrawEdge
FrameRect
InflateRect
GetWindowTextA
GetWindowTextLengthA
LoadBitmapA
DialogBoxParamA
DialogBoxIndirectParamA
CreateDialogParamA
CreateDialogIndirectParamA
DestroyWindow
EndDialog
UpdateWindow
GetSubMenu
LoadMenuA
LoadMenuIndirectA
DestroyMenu
TrackPopupMenu
EnableMenuItem
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
OffsetRect
GetWindowDC
CloseClipboard
CallWindowProcA
EmptyClipboard
OpenClipboard
IsWindowVisible
DefWindowProcA
RegisterClassA
CreateWindowExA
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
DrawFrameControl
IsZoomed
LoadIconA
WindowFromPoint
CreateWindowExW
UnhookWindowsHookEx
OemToCharA
CharToOemA
SetCursor
SetWindowTextA
GetSystemMetrics
LoadImageA
GetWindowLongA
SetWindowPos
ShowWindow
DestroyIcon
MoveWindow
InvalidateRect
GetParent
GetWindowRect
MapWindowPoints
CharNextA
GetPropA
SetPropA
RegisterWindowMessageA
AdjustWindowRectEx
SystemParametersInfoA
GetForegroundWindow
FillRect
GetClientRect
GetDlgItem
MapDialogRect
PostMessageA
SendMessageA
GetKeyState
RemovePropA
SetWindowLongA
SetForegroundWindow
SetFocus
SetWindowPlacement
GetWindowPlacement
MessageBoxA
IsWindowEnabled
SetTimer
KillTimer
PeekMessageA
PostQuitMessage
ScreenToClient
CheckRadioButton
IsDlgButtonChecked
CheckDlgButton
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
SetClipboardData
LoadCursorA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

ImageList_GetImageCount
ImageList_DrawEx
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ord17

ws2_32

htons
inet_ntoa
gethostbyname
gethostname
gethostbyaddr
inet_addr
WSAGetLastError
ioctlsocket
WSAStartup
WSAAddressToStringA
select
connect
closesocket
htonl
WSASend
WSARecv
getpeername
WSASocketA
WSAAsyncSelect
WSAConnect
getservbyport
WSACleanup
socket
__WSAFDIsSet
ntohs
accept
shutdown
listen
getsockname
bind
setsockopt
sendto
recv
send
recvfrom

winmm

timeGetTime

mpr

WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceA
WNetAddConnection3A
WNetCancelConnection2A
WNetUseConnectionA

gdi32

SaveDC
SelectObject
SetBkMode
SetTextColor
RestoreDC
CreateFontIndirectA
GetObjectA
GetPixel
Ellipse
CreateDIBSection
CreateCompatibleBitmap
EnumFontFamiliesExA
GetTextFaceA
GetTextColor
GetBkColor
PolyPolyline
TextOutA
Polyline
RoundRect
CreatePen
SetBkColor
CreateCompatibleDC
SetStretchBltMode
DeleteObject
GetTextExtentPoint32A
CreateFontA
GetTextMetricsA
GetDeviceCaps
CreateSolidBrush
DeleteDC
BitBlt
StretchBlt
GetStockObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

advapi32

QueryServiceStatus
RegCreateKeyExA
EnumDependentServicesA
StartServiceA
OpenServiceA
ControlService
OpenSCManagerA
CloseServiceHandle
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegDeleteValueA
CryptReleaseContext
RegCloseKey
CryptGenRandom
CryptDeriveKey
CryptEncrypt
CryptDestroyKey
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextA

shell32

ShellExecuteExA
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoSetProxyBlanket
CreateStreamOnHGlobal
CLSIDFromString
OleRun
CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity

oleaut32

SysFreeString
SysAllocString
VariantClear
VariantInit
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SafeArrayPtrOfIndex

Sections

.text
Size: 400KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddd500bfb5408017b75fb9e33dafd58e

Headers

File Characteristics

Imports

kernel32

user32

version

comctl32

ws2_32

winmm

mpr

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 400KB - Virtual size: 396KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 40KB - Virtual size: 67KB

.rsrc Size: 176KB - Virtual size: 174KB

.text
Size: 400KB - Virtual size: 396KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 40KB - Virtual size: 67KB

.rsrc
Size: 176KB - Virtual size: 174KB