nero4083[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

nero4083.exe
Size

4.0MB
MD5

345d2fead2e2355ee52be28190339eb3
SHA1

5a4079913401ad9d593ffd70e452baf79565ce24
SHA256

3695dad167b218da59545c0c641983ae1d6b73c285bd5318b3af2ef391106069
SHA512

abc28a86910345cc50516ce97139ba02f3de8f6f78180f3995e89d00c15aae25ec9f7e22711fea368845aaba51933c6b92fe7fcb06ec56432657b4484d0453d7
SSDEEP

98304:jVercdWQBl5+ZxWiOtFIFBi5ZZqJVIOdk+DXaPl2+fNq3:M45SvOtFIBMqdVDQl2+fNq3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
nero4083.exe

Files

nero4083.exe
.exe windows:4 windows x86 arch:x86

Password: Oldversion

4f0a8f8a23ea9b399defb79b8cc46c7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetModuleFileNameA
GetVersion
GetCurrentProcess
GetLastError
GetTempPathA
CreateProcessA
CreateThread
InterlockedExchange
GetPrivateProfileStringA
CreateFileA
CreateDirectoryA
WriteFile
SetFilePointer
GetOEMCP
GetCPInfo
GlobalFlags
lstrcmpA
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
SetLastError
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
CloseHandle
IsBadWritePtr
VirtualAlloc
UnhandledExceptionFilter
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetACP
HeapReAlloc
HeapSize
TerminateProcess
ExitProcess
GetCommandLineA
HeapAlloc
HeapFree
GetStartupInfoA
RaiseException
RtlUnwind
SetStdHandle

user32

GetMenuItemID
GetDlgCtrlID
DestroyWindow
GetClassLongA
SetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
GetPropA
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetParent
GetLastActivePopup
IsWindowEnabled
UnhookWindowsHookEx
DispatchMessageA
IsIconic
GetClassNameA
SetWindowsHookExA
GetWindowRect
SystemParametersInfoA
GetSystemMetrics
SetWindowPos
SetFocus
EnableWindow
DefWindowProcA
PostQuitMessage
CreateWindowExA
LoadCursorA
RegisterClassA
SendMessageA
GrayStringA
DrawTextA
TabbedTextOutA
DialogBoxParamA
GetWindowTextA
SetWindowTextA
LoadIconA
SetClassLongA
GetWindowLongA
FillRect
GetSysColor
GetDlgItem
LoadStringA
MessageBoxA
EndDialog
PostMessageA
PeekMessageA
PtInRect
DestroyMenu
ClientToScreen
GetClassInfoA
ReleaseDC
GetDC
SetWindowLongA
InvalidateRect
GetSysColorBrush
MapWindowPoints
AdjustWindowRectEx
CopyRect
GetClientRect
GetTopWindow
GetCapture
GetMenu
GetMenuItemCount
GetSubMenu
GetKeyState
CallNextHookEx
WinHelpA

gdi32

TextOutA
SetTextColor
SetTextAlign
CreateBitmap
GetClipBox
SetBkColor
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetBkMode

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: Oldversion

4f0a8f8a23ea9b399defb79b8cc46c7d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 3.9MB - Virtual size: 3.9MB

.data Size: 16KB - Virtual size: 49KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 3.9MB - Virtual size: 3.9MB

.data
Size: 16KB - Virtual size: 49KB

.rsrc
Size: 8KB - Virtual size: 5KB