PortScan[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

PortScan.exe
Size

652KB
MD5

524e4160264cbc70d15217f37d904514
SHA1

6e0bd2465471ff2c78e88667fea0c425ebab9cbf
SHA256

4a7dc91b1b9b7064eb396a0ccc05279b18d8c1a666a2353b52bff1b96da0e1ce
SHA512

55442e03088ad96632d3fdbabcb20264ec0235a0f1359ab86c66d843938dcba5c864642bcd87e6c6c38ae65e6bb2ab6c06d8f48d335581c74fecb63e8afc9990
SSDEEP

12288:n1KmSRi9PZtwVLm+7YA7YTFehmGvfSxbsThxVseW++vE:ng6PDWLmUYA7tSxbGxVseWlv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PortScan.exe

Files

PortScan.exe
.exe windows:4 windows x86 arch:x86

3f056a07638be4974ea0b1f473c27232

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
GetCurrentThreadId
GetLastError
GetModuleHandleA
MoveFileA
GetLocaleInfoA
WriteFile
CreateFileA
GetModuleFileNameA
LocalFree
LocalAlloc
GetCurrentDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceExA
MulDiv
GetProcessHeap
HeapFree
GetFileAttributesA
SetErrorMode
GetFileSize
FindClose
FindFirstFileA
GetTempPathA
ExpandEnvironmentStringsA
GetCurrentProcess
GetSystemDirectoryA
GetWindowsDirectoryA
SetFileAttributesA
CreateDirectoryA
FindNextFileA
WritePrivateProfileStringA
DeleteFileA
ReadFile
FlushFileBuffers
UnmapViewOfFile
SetFilePointer
GetFileInformationByHandle
InterlockedIncrement
SetEndOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
SetFileTime
CreateThread
TerminateThread
GetExitCodeThread
FormatMessageA
CreateEventA
SetEvent
ResetEvent
WaitForMultipleObjectsEx
WaitForSingleObject
GetLocalTime
GetThreadSelectorEntry
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentProcessId
GetVersionExA
LoadLibraryA
FreeLibrary
GetProcAddress
OpenProcess
Sleep
TerminateProcess
GetSystemTime
SystemTimeToFileTime
GetDateFormatA
GetTimeFormatA
GetSystemDefaultLangID
GetUserDefaultLangID
GetVolumeInformationA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GlobalAlloc
GetEnvironmentVariableA
GetPrivateProfileStringA
QueryPerformanceCounter
GlobalFree
lstrcpyA
GlobalLock
GlobalUnlock
GetTimeZoneInformation
GetVersion
GetFullPathNameA
SetVolumeLabelA
GetDriveTypeA
GetFileTime
FileTimeToDosDateTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapAlloc
RaiseException
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
CompareStringA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
InterlockedDecrement
MultiByteToWideChar
GetThreadLocale
GetStringTypeExA
CompareStringW
WideCharToMultiByte
lstrlenA
CreateSemaphoreA
ReleaseSemaphore
SetUnhandledExceptionFilter
ExitThread
GetTickCount

user32

GetPropA
CallWindowProcA
GetDlgCtrlID
EndPaint
DrawFocusRect
DrawTextA
BeginPaint
ReleaseDC
GetDC
GetSysColorBrush
GetSysColor
PtInRect
GetCursorPos
DrawEdge
FrameRect
InflateRect
GetWindowTextA
GetWindowTextLengthA
LoadBitmapA
DialogBoxParamA
DialogBoxIndirectParamA
CreateDialogParamA
CreateDialogIndirectParamA
DestroyWindow
EndDialog
UpdateWindow
GetSubMenu
LoadMenuA
LoadMenuIndirectA
DestroyMenu
TrackPopupMenu
EnableMenuItem
SetMenuItemInfoA
GetMenuItemInfoA
SetPropA
GetMenuItemCount
OffsetRect
GetWindowDC
IsWindowVisible
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
DrawFrameControl
IsZoomed
DefWindowProcA
LoadIconA
WindowFromPoint
CreateWindowExW
UnhookWindowsHookEx
OemToCharA
CharToOemA
LoadImageA
GetWindowLongA
SetWindowPos
ShowWindow
DestroyIcon
MoveWindow
InvalidateRect
GetParent
GetWindowRect
MapWindowPoints
MapDialogRect
CharNextA
RegisterWindowMessageA
AdjustWindowRectEx
SystemParametersInfoA
GetForegroundWindow
SetForegroundWindow
FillRect
GetClientRect
GetDlgItem
PostMessageA
SendMessageA
GetKeyState
RemovePropA
SetWindowLongA
SetFocus
SetWindowPlacement
GetWindowPlacement
MessageBoxA
IsWindowEnabled
SetTimer
KillTimer
PeekMessageA
PostQuitMessage
ScreenToClient
CheckRadioButton
IsDlgButtonChecked
CheckDlgButton
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
LoadCursorA
SetCursor
SetWindowTextA
GetSystemMetrics

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ImageList_GetImageCount
ImageList_DrawEx
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ord17

ws2_32

inet_addr
inet_ntoa
gethostname
gethostbyaddr
closesocket
htonl
ioctlsocket
socket
WSAStartup
select
connect
listen
WSAGetLastError
htons
WSASend
WSARecv
getpeername
WSASocketA
WSAAsyncSelect
WSAConnect
WSACleanup
ntohs
WSAAddressToStringA
getservbyport
gethostbyname
__WSAFDIsSet
accept
getsockname
bind
setsockopt
sendto
recv
send
recvfrom
shutdown

winmm

timeGetTime

mpr

WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceA
WNetAddConnection3A
WNetCancelConnection2A
WNetUseConnectionA

gdi32

SaveDC
SelectObject
SetBkMode
SetTextColor
RestoreDC
CreateFontIndirectA
GetObjectA
GetPixel
Ellipse
CreateDIBSection
CreateCompatibleBitmap
EnumFontFamiliesExA
GetTextColor
GetBkColor
RoundRect
CreatePen
SetBkColor
CreateCompatibleDC
SetStretchBltMode
StretchBlt
DeleteObject
GetTextExtentPoint32A
CreateFontA
GetTextMetricsA
GetDeviceCaps
CreateSolidBrush
DeleteDC
BitBlt
GetStockObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

advapi32

QueryServiceStatus
RegQueryValueExA
RegCreateKeyExA
RegCreateKeyA
EnumDependentServicesA
StartServiceA
OpenServiceA
ControlService
OpenSCManagerA
CloseServiceHandle
RegSetValueExA
RegDeleteValueA
RegCloseKey
CryptReleaseContext
CryptGenRandom
RegOpenKeyExA
CryptDeriveKey
CryptEncrypt
CryptDestroyKey
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextA

shell32

ShellExecuteExA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoInitialize
CoSetProxyBlanket
CreateStreamOnHGlobal
CLSIDFromString
OleRun
CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity

oleaut32

SysFreeString
SysAllocString
VariantClear
VariantInit
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreate
SafeArrayPtrOfIndex
SafeArrayUnaccessData

Sections

.text
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f056a07638be4974ea0b1f473c27232

Headers

File Characteristics

Imports

kernel32

user32

version

comctl32

ws2_32

winmm

mpr

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 380KB - Virtual size: 377KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 44KB - Virtual size: 67KB

.rsrc Size: 172KB - Virtual size: 168KB

.text
Size: 380KB - Virtual size: 377KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 44KB - Virtual size: 67KB

.rsrc
Size: 172KB - Virtual size: 168KB