Bennett[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

Bennett.exe
Size

2.0MB
MD5

cd682eeb354f9689f495213c5b23b738
SHA1

692bb123e684368d3f870377477cda36ed0e67b2
SHA256

8dedeaeac89cf2b19cadca4a47e1795fcf8c2ed0296474a23cfa78f173ff39b3
SHA512

dbc3ac066e4cbd3658f0ea9dca7739c066c4fea9669224bf847e4f7de0c9cdbafac496c83450589d0f8076b8aa3716ead6ff897081f76f1870dc25619459d5e7
SSDEEP

24576:PA2kGAn59+5nNOBwv2pP+LFt44m4XJlPH31nZxVdjQy7NGegzy:o2u54/owv2MZXJlNnDLQeNMzy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Bennett.exe

Files

Bennett.exe
.exe windows:4 windows x86 arch:x86

96d3115ac00fe2bbba96f7efb9d5ca58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetThreadSelectorEntry
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentProcess
GetCurrentProcessId
GetVersionExA
GetTempPathW
GetFileAttributesW
SetErrorMode
GetFileSize
FindClose
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetTempFileNameW
SetFileAttributesW
CreateDirectoryW
WritePrivateProfileStringW
ReadFile
FlushFileBuffers
UnmapViewOfFile
SetFilePointer
GetFileInformationByHandle
DeviceIoControl
SetEndOfFile
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetOverlappedResult
SetFileTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcessHeap
HeapFree
GetTickCount
SystemTimeToFileTime
GetSystemTime
GetDateFormatW
GetTimeFormatW
Sleep
LoadLibraryW
FreeLibrary
GetProcAddress
GetSystemInfo
GetEnvironmentVariableW
GetModuleFileNameA
GetVersionExW
GetVolumeInformationW
GetSystemDefaultLangID
SetUnhandledExceptionFilter
CreateProcessW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjectsEx
UnlockFileEx
UnlockFile
QueryPerformanceCounter
LockFileEx
LockFile
LoadLibraryA
HeapValidate
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
HeapAlloc
GetTempPathA
GetSystemTimeAsFileTime
GetFullPathNameW
GetFullPathNameA
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
DeleteFileA
CreateFileA
AreFileApisANSI
InterlockedCompareExchange
QueryPerformanceFrequency
GetPrivateProfileStringW
GetPrivateProfileStructW
WritePrivateProfileStructW
lstrcpyA
GetTimeZoneInformation
GetVersion
SetFileAttributesA
GetVolumeInformationA
FindFirstFileA
FindNextFileA
SetVolumeLabelA
lstrlenA
GetDriveTypeA
GetLocaleInfoA
GetFileTime
FileTimeToDosDateTime
WaitForMultipleObjects
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
CompareStringA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
CreateMutexW
GetCurrentThreadId
GetCommandLineW
GetExitCodeThread
TerminateThread
CreateThread
InterlockedIncrement
WideCharToMultiByte
GetModuleHandleW
GetThreadLocale
GetStringTypeExW
CompareStringW
MultiByteToWideChar
GetLastError
MoveFileW
InterlockedDecrement
GetLocalTime
GetWindowsDirectoryW
lstrlenW
GetLocaleInfoW
MulDiv
FindResourceExW
LoadResource
SizeofResource
LockResource
GetCurrentDirectoryW
LocalAlloc
LocalFree
GetModuleFileNameW
CreateFileW
WriteFile
CloseHandle
FormatMessageA
FormatMessageW
OutputDebugStringW
OutputDebugStringA
SetCommTimeouts
SetupComm
GetCommTimeouts
GetCommState
SetCommState
CreateDirectoryA
GetCurrentDirectoryA
DeleteFileW
GetUserDefaultLangID

user32

IsDlgButtonChecked
PostQuitMessage
PeekMessageW
GetWindowPlacement
SetWindowPlacement
GetForegroundWindow
SetForegroundWindow
AdjustWindowRectEx
IsZoomed
LoadIconW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetSubMenu
LoadMenuW
LoadMenuIndirectW
CreatePopupMenu
DestroyMenu
TrackPopupMenu
GetMenuState
CheckMenuItem
SetMenuDefaultItem
WindowFromPoint
MsgWaitForMultipleObjectsEx
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
LoadBitmapW
UnhookWindowsHookEx
GetWindowTextLengthW
OemToCharA
CharToOemA
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
EndDialog
CreateDialogIndirectParamW
CreateDialogParamW
DialogBoxIndirectParamW
IsRectEmpty
RegisterWindowMessageW
CheckDlgButton
GetSysColorBrush
GetDC
BeginPaint
DrawTextW
DrawFocusRect
EndPaint
PtInRect
MapWindowPoints
GetMessagePos
GetDoubleClickTime
GetWindowTextW
GetCapture
ReleaseCapture
DestroyWindow
CreateWindowExW
SetWindowTextW
SetCapture
MoveWindow
GetFocus
GetClientRect
LoadImageW
DestroyIcon
GetSysColor
GetSystemMetrics
SetFocus
InvalidateRect
UpdateWindow
GetWindowLongW
RemovePropW
SetWindowLongW
KillTimer
SetTimer
SendMessageW
CallWindowProcW
GetPropW
SetPropW
SetWindowPos
GetCursorPos
ScreenToClient
LoadCursorW
GetDlgCtrlID
GetParent
GetWindowRect
GetWindowDC
OffsetRect
InflateRect
IsWindowEnabled
FillRect
ReleaseDC
SystemParametersInfoW
GetKeyState
PostMessageW
MapDialogRect
DefFrameProcW
GetMessageW
TranslateMDISysAccel
TranslateAcceleratorW
IsDialogMessageW
LoadAcceleratorsW
RegisterClassExW
DrawEdge
DrawFrameControl
GetScrollInfo
GetScrollBarInfo
EnableWindow
GetDlgItem
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
SendDlgItemMessageW
MessageBoxW
SetScrollInfo
CharNextW
ShowWindow
RegisterClassW
DefWindowProcW
DeleteMenu
InsertMenuItemW
DialogBoxParamW
FrameRect
SetCursor

gdi32

GetTextExtentPoint32W
CreateFontW
GetTextMetricsW
CreateSolidBrush
GetTextFaceW
EnumFontFamiliesExW
SetBkColor
DeleteDC
CreateCompatibleBitmap
CreateDIBSection
CreateCompatibleDC
BitBlt
StretchBlt
SetStretchBltMode
Ellipse
GetPixel
GetBkColor
GetTextColor
RoundRect
GetDIBits
PolyPolyline
GetObjectW
CreateFontIndirectW
SaveDC
SetBkMode
CreatePen
SelectObject
Polyline
DeleteObject
GetStockObject
SetTextColor
RestoreDC
TextOutW
GetDeviceCaps

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

comctl32

ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_Draw
ord17
ImageList_GetImageCount
ImageList_DrawEx

ws2_32

WSALookupServiceBeginW
connect
WSALookupServiceEnd
socket
send
WSALookupServiceNextW
setsockopt
closesocket
WSAGetLastError
WSACleanup
WSAStartup
inet_ntoa
recv

winmm

timeGetTime

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

advapi32

QueryServiceStatus
GetUserNameW
EnumDependentServicesW
StartServiceW
OpenServiceW
ControlService
OpenSCManagerW
CloseServiceHandle
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
CryptAcquireContextW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
RegSetKeySecurity
CryptReleaseContext

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteExW

ole32

CLSIDFromProgID
OleRun
CLSIDFromString
StringFromGUID2
CoUninitialize
CoCreateGuid
CreateStreamOnHGlobal
CoCreateInstance
CoGetMalloc
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocString
SafeArrayPtrOfIndex
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
VariantChangeType

Sections

.text
Size: 904KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 916KB - Virtual size: 914KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96d3115ac00fe2bbba96f7efb9d5ca58

Headers

File Characteristics

Imports

kernel32

user32

gdi32

version

comctl32

ws2_32

winmm

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 904KB - Virtual size: 902KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 132KB - Virtual size: 172KB

.rsrc Size: 916KB - Virtual size: 914KB

.text
Size: 904KB - Virtual size: 902KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 132KB - Virtual size: 172KB

.rsrc
Size: 916KB - Virtual size: 914KB