vncviewer[.]1[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

vncviewer.1.exe
Size

372KB
MD5

f2f8f2d266481550aa5eba0d48076acd
SHA1

31acd0f7990413dfd14cd2bc9a756e0a95f73cbb
SHA256

cd4054c3cdebfc09cba50428173038c95063c299d9835ab6fbe1a03b44cd02bb
SHA512

e72b5783e6a596f6ef0d05610eb84ee296bac9b5ea1911db72fb04842efd95379d6517abf1b0a2a675352dab63460415ec63cda1e5f3982d6aa20f19a4f5324a
SSDEEP

6144:wHQ7jMnUVXXd2JAaMEa44lAq9M7MC9vV4qxtahb:wHQ7jMnU8G7lAq9O54

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vncviewer.1.exe

Files

vncviewer.1.exe
.exe windows:4 windows x86 arch:x86

b733175236a9cf071c9ccfd1b504e4fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

wsock32

connect
htons
WSAStartup
WSACleanup
bind
listen
accept
WSAAsyncSelect
inet_ntoa
WSAGetLastError
getpeername
send
recv
shutdown
closesocket
setsockopt
socket
ioctlsocket
gethostbyname

comctl32

CreateToolbarEx
ord17

kernel32

GetPrivateProfileStringA
DeleteFileA
CloseHandle
FindNextFileA
FindClose
FindFirstFileA
SetErrorMode
GetLogicalDriveStringsA
ReadFile
CreateFileA
WriteFile
SetFileTime
WriteConsoleA
GetStdHandle
OutputDebugStringA
AllocConsole
SetEndOfFile
SetFilePointer
GetModuleFileNameA
GetProcAddress
LoadLibraryA
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetDriveTypeA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
GetPrivateProfileIntA
HeapCreate
HeapDestroy
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
CreateThread
ExitThread
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
GetFullPathNameA
GetFileAttributesA
ExitProcess
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
TlsGetValue
WaitForSingleObject
CreateSemaphoreA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalUnlock
Beep
FormatMessageA
LocalFree
Sleep
GetLastError
MultiByteToWideChar
GetTickCount
LCMapStringA
LCMapStringW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetConsoleOutputCP
WriteConsoleW
VirtualFree

user32

IsDialogMessageA
GetMessageA
MapWindowPoints
SetClassLongA
GetDlgCtrlID
GetDlgItemInt
SetDlgItemInt
FindWindowA
GetWindowTextLengthA
GetDlgItemTextA
GetKeyboardState
ToAscii
GetKeyState
DestroyAcceleratorTable
TranslateAcceleratorA
CreateAcceleratorTableA
CreateDialogParamA
LoadKeyboardLayoutA
DestroyIcon
GetWindowTextA
EnableWindow
GetDlgItem
PeekMessageA
TranslateMessage
DispatchMessageA
LoadMenuA
DestroyMenu
GetSubMenu
GetMenuItemID
SetMenuDefaultItem
TrackPopupMenu
GetCursorPos
SetCursorPos
GetSystemMetrics
EmptyClipboard
LoadImageA
SetClipboardData
GetClipboardOwner
OpenClipboard
GetClipboardData
CloseClipboard
LoadIconA
GetSysColorBrush
RegisterClassA
CreateWindowExA
SetWindowLongA
AppendMenuA
DrawMenuBar
GetForegroundWindow
GetWindow
GetFocus
LoadCursorA
SetCursor
WindowFromPoint
ScreenToClient
SetTimer
SetFocus
ChangeClipboardChain
KillTimer
PostQuitMessage
PostMessageA
SystemParametersInfoA
AdjustWindowRectEx
GetWindowPlacement
SetWindowPlacement
SetForegroundWindow
CheckMenuItem
GetWindowLongA
DestroyWindow
GetClientRect
GetMenuState
GetWindowRect
SetWindowPos
ShowWindow
ShowScrollBar
IsIconic
ScrollWindowEx
UpdateWindow
GetKeyboardLayoutNameA
MessageBoxA
SetScrollInfo
BeginPaint
EndPaint
DefWindowProcA
SetRect
DrawTextA
InvalidateRect
SetClipboardViewer
GetSystemMenu
EnableMenuItem
SendMessageA
ReleaseDC
GetDC
LoadStringA
SetWindowTextA
DialogBoxParamA
EndDialog
SetDlgItemTextA
RegisterClassExA

gdi32

CreateCompatibleDC
DeleteDC
SetPixelV
GetDeviceCaps
SetStretchBltMode
SetBrushOrgEx
StretchBlt
UpdateColors
CreatePalette
BitBlt
DeleteObject
CreateCompatibleBitmap
SetTextColor
SelectPalette
RealizePalette
SelectObject
GetStockObject
ExtTextOutA
SetBkColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

advapi32

RegOpenKeyExA
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegDeleteKeyA
RegCloseKey
RegEnumValueA

shell32

Shell_NotifyIconA

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b733175236a9cf071c9ccfd1b504e4fb

Headers

File Characteristics

Imports

winmm

wsock32

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 56KB - Virtual size: 52KB