2024-06-28_bab358c5bcab551fa9497d8042f81edd_cerber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-28_bab358c5bcab551fa9497d8042f81edd_cerber
Size

507KB
MD5

bab358c5bcab551fa9497d8042f81edd
SHA1

6960214279e7974cd9a6627ec0c62fbec42c8880
SHA256

b95f96a7d181d4f4aa5ab989e6e667f23deeb239ba4dff8f7f0371c61fdda9c3
SHA512

aefb9125df42dc333a82264b1eec4aadfc89c35d277301d025387bc1688ab412f287746813d2bc3288260b7bae58227130783edd85c6d4d359223c58a9a99f7b
SSDEEP

6144:um4asNDAe1UxYIud67pCsJARzBUIg8rDph992STjrBpZwfKIn5w6i:KasN26t47pCRGTkjPTPiyZ6i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-28_bab358c5bcab551fa9497d8042f81edd_cerber

Files

2024-06-28_bab358c5bcab551fa9497d8042f81edd_cerber
.exe windows:5 windows x86 arch:x86

ca7c9cbc475684c821bc420f1f9f9c3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedExchange
LCMapStringA
LCMapStringW
LoadLibraryExW
LocalFree
LocalShrink
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SearchPathW
SetEvent
SetFileApisToOEM
GetSystemInfo
SetFileTime
SetHandleCount
SetLastError
SetMessageWaitingIndicator
SetStdHandle
SetThreadUILanguage
SetUnhandledExceptionFilter
SleepEx
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleInputW
WriteConsoleOutputCharacterW
WriteFile
lstrcatA
lstrcpyA
GetSystemDirectoryA
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessTimes
GetPrivateProfileStructA
GetOEMCP
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFileType
GetEnvironmentStringsW
GetEnvironmentStrings
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleWindow
GetConsoleAliasW
GetCommandLineA
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FreeConsole
FormatMessageA
FlushFileBuffers
FillConsoleOutputCharacterW
ExitProcess
EnumSystemLocalesW
DeviceIoControl
CreateFileW
CloseHandle
ClearCommBreak
CancelIo
AddAtomW
GetModuleHandleA
Sleep
GetCPInfo
CreateFileA
LoadLibraryA
SetFilePointer
GetProcAddress

user32

DlgDirListW
CharToOemBuffA
IsIconic
GetKeyboardLayout
GetParent
GetClipboardSequenceNumber
CharNextA
PaintDesktop
CreateMenu
EndMenu
GetTopWindow
GetClipboardOwner
GetMessageTime
GetDesktopWindow
DrawMenuBar
DestroyWindow
OemKeyScan
CharLowerW
OpenIcon
GetAsyncKeyState
GetSystemMetrics
IsCharUpperW
GetLastActivePopup
CloseDesktop
CloseClipboard
GetSysColorBrush
GetSysColor
IsGUIThread
IsCharAlphaA
GetCaretBlinkTime
GetWindowDC
VkKeyScanA
AnyPopup
VkKeyScanW
GetDialogBaseUnits
GetMessageExtraInfo
GetKeyboardType
CharUpperW
GetOpenClipboardWindow
IsCharLowerA
IsMenu
CreatePopupMenu
IsCharAlphaNumericA
DestroyCursor
GetProcessWindowStation
GetClipboardViewer
GetWindowContextHelpId
WindowFromDC
GetListBoxInfo
CopyIcon
GetDC
GetThreadDesktop
GetFocus
GetClipboardData
IsCharLowerW
GetMenuContextHelpId
GetMessagePos
ShowCaret
GetWindowTextLengthW
IsCharUpperA
IsWindowVisible
IsWindowEnabled
IsWindow
GetKBCodePage

gdi32

GetTextExtentPointW
GetFontData
EngLineTo
CreateCompatibleDC
CloseMetaFile
GetDCBrushColor
DeleteEnhMetaFile
UnrealizeObject
GetStockObject
BeginPath
SaveDC
GetDCPenColor
GetPolyFillMode
GetEnhMetaFileW
FillPath
StrokePath
GetBkMode
DeleteColorSpace
GetROP2
DeleteMetaFile
FlattenPath
PathToRegion
GetStretchBltMode
AddFontResourceW
WidenPath
CreateSolidBrush
GdiFlush
GetMapMode
RealizePalette
GetFontLanguageInfo
AbortDoc
AddFontResourceA
GetSystemPaletteUse
SetMetaRgn
SwapBuffers

advapi32

RegOpenKeyW
OpenServiceA
OpenSCManagerA
ControlService
CloseServiceHandle
RegQueryValueExW

shell32

ShellExecuteW
ShellExecuteEx
ShellAboutW
ShellAboutA
SHPathPrepareForWriteW
SHLoadNonloadedIconOverlayIdentifiers
SHIsFileAvailableOffline
SHGetIconOverlayIndexA
SHGetFolderPathA
SHGetDiskFreeSpaceExW
SHGetDesktopFolder
SHFreeNameMappings
SHCreateDirectoryExA
SHChangeNotify
SHBrowseForFolderW
SHBindToParent
SHAppBarMessage
FindExecutableW
ExtractIconExA
ExtractAssociatedIconW
DragQueryPoint
CommandLineToArgvW

ole32

CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize

shlwapi

StrChrW
StrCmpNIW
StrRChrA
StrRChrIW
StrChrIW

Sections

.text
Size: 451KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca7c9cbc475684c821bc420f1f9f9c3d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 451KB - Virtual size: 450KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 451KB - Virtual size: 450KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB