455a7ebf67aec7b4d6cc18ed930bde491c0327ba5e24968514dd9b3449a7c374

Sharing

Copy URL Twitter E-mail

General

Target

455a7ebf67aec7b4d6cc18ed930bde491c0327ba5e24968514dd9b3449a7c374
Size

3.1MB
MD5

bc969e0fa3c879e2acb3c360e5fe6940
SHA1

887781551bb75a53846ba0e1d359d2ec76304cb4
SHA256

455a7ebf67aec7b4d6cc18ed930bde491c0327ba5e24968514dd9b3449a7c374
SHA512

eb8eb62332f5158acbeee8f88b0cb1ec3c47642f51f4f3e0af5dd4d68d6ed58b954f22bb74e32dfdb240ad2e5f19ae23ddcf48f78463ef41bc25e7eb172df18b
SSDEEP

49152:TtL+IOEM5ygqJTnPf1JkwKcBgsQIH0Zls8NGlLC50lbiP:xLemFlkwPgb0BCc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/IBMTech-VNC.exe

Files

455a7ebf67aec7b4d6cc18ed930bde491c0327ba5e24968514dd9b3449a7c374
.iso
out.iso
.iso
IBMTech-VNC.exe
.exe windows:5 windows x64 arch:x64

4abedc803df9a7de75361e0469ec3efe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

N:\2.MyDevelopment\3.Tools_Development\4.TightVNCCustomize\Munna_Customize\tightvnc\x64\Release\tvnviewer.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
CreateToolbarEx

kernel32

SetFilePointer
WriteConsoleW
GetModuleHandleW
GetComputerNameA
ReadFile
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
HeapFree
HeapReAlloc
VirtualAlloc
GetFileSizeEx
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateDirectoryW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
SetFileTime
SetErrorMode
FindClose
CreateFileW
GetLogicalDriveStringsW
DeleteFileW
CloseHandle
MoveFileW
GetCurrentThreadId
GetCurrentProcessId
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
ResumeThread
Sleep
CreateThread
MultiByteToWideChar
WideCharToMultiByte
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
FreeResource
LockResource
LoadResource
FindResourceW
GetCurrentProcess
GetModuleFileNameW
GetLastError
TerminateProcess
CreateEventW
SetEvent
CreateProcessW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetCommandLineW
GetProcAddress
FreeLibrary
LocalFree
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlPcToFileHeader
RaiseException
RtlUnwindEx
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetACP
HeapAlloc

user32

GetDlgItem
MessageBoxW
GetCursorPos
SetForegroundWindow
RegisterWindowMessageW
TrackPopupMenu
IsWindowVisible
MapVirtualKeyW
DestroyIcon
GetWindowLongPtrW
GetSystemMetrics
SendMessageW
CallWindowProcW
PostMessageW
ShowWindow
GetActiveWindow
GetWindowRect
GetWindowTextW
InvalidateRect
SetWindowLongW
SetWindowTextW
GetWindowLongW
DialogBoxParamW
LoadIconW
IsWindow
SetClassLongPtrW
EndDialog
DestroyWindow
CreateDialogParamW
EnableMenuItem
AppendMenuW
CheckMenuItem
DestroyMenu
SetMenuDefaultItem
CreatePopupMenu
GetMenuItemCount
InsertMenuItemW
GetMenuItemID
GetSystemMenu
CreateWindowExW
FillRect
ShowScrollBar
SetScrollInfo
EndPaint
BeginPaint
GetClientRect
ScreenToClient
GetParent
LoadBitmapW
ReleaseDC
GetDC
ToUnicodeEx
GetKeyboardLayout
GetAsyncKeyState
GetKeyState
LoadAcceleratorsW
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetPriorityClipboardFormat
SetClipboardViewer
PostQuitMessage
IsDialogMessageW
SystemParametersInfoW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetWindowPos
MonitorFromWindow
MessageBeep
GetWindowPlacement
GetMonitorInfoW
GetKeyboardLayoutNameW
SetWindowPlacement
SetFocus
LoadCursorW
KillTimer
GetDesktopWindow
IsIconic
GetMessageW
DefWindowProcW
SetWindowLongPtrW
UnregisterClassW
DispatchMessageW
SetTimer
RegisterClassW
TranslateAcceleratorW
TranslateMessage
GetSysColorBrush
EnableWindow

comdlg32

GetSaveFileNameW

advapi32

RegCreateKeyW
RegSetValueExW
RegDeleteKeyW
GetUserNameA
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegDeleteValueW
RegCloseKey

ws2_32

inet_addr
select
closesocket
WSAStartup
WSACleanup
setsockopt
send
getsockname
getpeername
listen
shutdown
bind
accept
__WSAFDIsSet
socket
connect
htons
recv
htonl
ntohs
ntohl
gethostbyname
WSAGetLastError
ioctlsocket

gdi32

GetDIBits
GetCurrentObject
CreateDIBSection
StretchBlt
SetStretchBltMode
SelectObject
CreateCompatibleDC
DeleteDC
GetObjectW
CreateSolidBrush
BitBlt
DeleteObject

shell32

SHGetSpecialFolderPathW
ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 666KB - Virtual size: 665KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
readme.txt

Sharing

General

Malware Config

Signatures

Files

4abedc803df9a7de75361e0469ec3efe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

comdlg32

advapi32

ws2_32

gdi32

shell32

version

Sections

.text Size: 666KB - Virtual size: 665KB

.rdata Size: 287KB - Virtual size: 287KB

.data Size: 2.0MB - Virtual size: 2.0MB

.pdata Size: 32KB - Virtual size: 32KB

.gfids Size: 1024B - Virtual size: 572B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 666KB - Virtual size: 665KB

.rdata
Size: 287KB - Virtual size: 287KB

.data
Size: 2.0MB - Virtual size: 2.0MB

.pdata
Size: 32KB - Virtual size: 32KB

.gfids
Size: 1024B - Virtual size: 572B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 6KB - Virtual size: 6KB