671328841f61a7ade18e1344bc00f6acaeaea50141a2b38373621eeec337b725

Sharing

Copy URL Twitter E-mail

General

Target

671328841f61a7ade18e1344bc00f6acaeaea50141a2b38373621eeec337b725
Size

1.0MB
MD5

c738e0f98a67a2c930d94fcb5e361aff
SHA1

5744c8b7af3d961c932e076d0f052cdc4eace7a6
SHA256

671328841f61a7ade18e1344bc00f6acaeaea50141a2b38373621eeec337b725
SHA512

3022af160db03d522abcf2dd884a41a5ac666185f85e4c17c025a5f57b474d7523f583e7148dd6083a649bd15e3953f6d74302424a6d6fc932af93bb32e4560b
SSDEEP

24576:uZZFsE+jeNNY4kGEMybRv/G8EXJbBzME9oK8Ocr8P:uZfsE+jeNNAGEM0vOn9UOco

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
671328841f61a7ade18e1344bc00f6acaeaea50141a2b38373621eeec337b725

Files

671328841f61a7ade18e1344bc00f6acaeaea50141a2b38373621eeec337b725
.exe windows:5 windows x64 arch:x64

8b2f1732dcf7d07cd55a4500f49b499c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

Y:\build\tightvnc-2.8.84-gpl\x64\Release\tvnviewer.pdb

Imports

comctl32

ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControlsEx
CreateToolbarEx

ws2_32

WSAGetLastError
htonl
htons
ntohl
ntohs
gethostbyname
bind
connect
recv
send
select
__WSAFDIsSet
accept
closesocket
getsockname
getpeername
listen
shutdown
ioctlsocket
socket
WSACleanup
WSAStartup
setsockopt

kernel32

CreateDirectoryW
SetFileTime
CreateFileW
MoveFileW
FindClose
RemoveDirectoryW
FindNextFileW
CloseHandle
DeleteFileW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
ResumeThread
Sleep
CreateThread
GetLastError
GetModuleFileNameW
TerminateProcess
SetEvent
CreateEventW
CreateProcessW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCommandLineW
GetCurrentProcess
GetProcAddress
LocalFree
GetCurrentThreadId
GetCurrentProcessId
GetLogicalDriveStringsW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
WriteFile
HeapCreate
HeapSetInformation
ExitProcess
HeapSize
FlsAlloc
SetLastError
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
LCMapStringW
LCMapStringA
GetCPInfo
HeapReAlloc
HeapAlloc
RtlUnwindEx
RtlPcToFileHeader
RaiseException
GetStartupInfoW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
GetUserDefaultLCID
GetLocaleInfoA
SetErrorMode
FindFirstFileW
FormatMessageW
FindResourceW
LoadResource
LockResource
FreeResource
GetLocalTime
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
GetStartupInfoA
QueryPerformanceCounter
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileSizeEx
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetPrivateProfileStringW

user32

GetPriorityClipboardFormat
SetClipboardData
PostQuitMessage
IsDialogMessageW
SystemParametersInfoW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetDC
ReleaseDC
GetParent
LoadBitmapW
FillRect
EndPaint
BeginPaint
ScreenToClient
GetClientRect
ShowScrollBar
SetScrollInfo
OpenClipboard
GetMenuItemID
InsertMenuItemW
AppendMenuW
EnableMenuItem
CreatePopupMenu
GetMenuItemCount
SetMenuDefaultItem
DestroyMenu
CreateWindowExW
DestroyWindow
DialogBoxParamW
SetClassLongPtrW
EndDialog
CreateDialogParamW
IsWindow
GetKeyState
InvalidateRect
GetWindowLongW
GetClipboardData
CloseClipboard
EmptyClipboard
GetKeyboardLayout
GetSystemMenu
GetAsyncKeyState
GetWindowTextW
SetWindowLongW
SetWindowTextW
LoadAcceleratorsW
LoadIconW
SetWindowPlacement
GetWindowRect
IsIconic
KillTimer
LoadCursorW
MessageBeep
SetFocus
GetKeyboardLayoutNameW
GetWindowPlacement
MonitorFromWindow
GetDesktopWindow
SetWindowPos
ShowWindow
GetMonitorInfoW
TranslateAcceleratorW
SetTimer
GetMessageW
UnregisterClassW
TranslateMessage
GetSysColorBrush
GetActiveWindow
RegisterClassW
SetWindowLongPtrW
DefWindowProcW
DispatchMessageW
EnableWindow
PostMessageW
GetWindowLongPtrW
GetSystemMetrics
DestroyIcon
CallWindowProcW
MapVirtualKeyW
IsWindowVisible
SendMessageW
SetClipboardViewer
TrackPopupMenu
RegisterWindowMessageW
SetForegroundWindow
GetCursorPos
GetDlgItem
MessageBoxW
ToUnicodeEx
CheckMenuItem

gdi32

GetDIBits
CreateDIBSection
SetStretchBltMode
StretchBlt
DeleteDC
SelectObject
CreateCompatibleDC
GetObjectW
BitBlt
CreateSolidBrush
GetCurrentObject
DeleteObject

comdlg32

GetSaveFileNameW

advapi32

RegCreateKeyW
RegCreateKeyExW
RegOpenKeyW
RegDeleteKeyW
RegCloseKey
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
Shell_NotifyIconW
CommandLineToArgvW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 676KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b2f1732dcf7d07cd55a4500f49b499c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

ws2_32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

version

Sections

.text Size: 676KB - Virtual size: 675KB

.rdata Size: 244KB - Virtual size: 243KB

.data Size: 22KB - Virtual size: 32KB

.pdata Size: 50KB - Virtual size: 49KB

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 676KB - Virtual size: 675KB

.rdata
Size: 244KB - Virtual size: 243KB

.data
Size: 22KB - Virtual size: 32KB

.pdata
Size: 50KB - Virtual size: 49KB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 7KB - Virtual size: 6KB