vncviewer[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

vncviewer.exe
Size

577KB
MD5

e6ca75f1d5e7ceff1e40e6ef5262816b
SHA1

cb6b35611115d6b9da7365dd9e26dc3b9ec28462
SHA256

6a0b3db365cd82c9c5e28cc80267f689926198c9affcd4e9b25a7ca6c5786331
SHA512

c7341eba723ec002a1ac58f635e5d8e9f39c82184a7bda3ef6ae58803ebf5c3ee9158c8e7ad82d4714bb588808c69e7d35dea8f07b3a2bbe01eb9f231984dc76
SSDEEP

12288:4j8kBLXn+z9ND1U5GeUVPJVrlHbeFXvLTFdkHcrkeqn63g:4QkQFBeExVdbeFXvVdkO+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vncviewer.exe

Files

vncviewer.exe
.exe windows:4 windows x86 arch:x86

5825e1a12612b4e09c574a0ace675a63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getsockname
WSAConnect
socket
WSASocketA
WSADuplicateSocketA
closesocket
WSAStartup
recv
send
select
getsockopt
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSASetEvent
WSAEventSelect
WSAIoctl
WSAGetLastError
accept
listen
bind
htonl
inet_addr
gethostbyname
getpeername
inet_ntoa
htons
ioctlsocket
setsockopt

comctl32

PropertySheetA
_TrackMouseEvent
CreatePropertySheetPageA

kernel32

DeleteFileA
MoveFileA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
CreateFileW
GetFileType
SetFilePointer
GetCommandLineA
SetLastError
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
GetACP
GetOEMCP
GetCPInfo
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStartupInfoA
ExitProcess
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTimeZoneInformation
OpenProcess
FreeEnvironmentStringsW
AllocConsole
GetCurrentDirectoryA
SetEvent
ResetEvent
CreateEventA
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentStringsW
HeapDestroy
RaiseException
RtlUnwind
HeapCreate
VirtualFree
SetHandleInformation
ExpandEnvironmentStringsA
OpenEventA
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
CreateProcessA
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExA
CreateFileA
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForMultipleObjects
GetThreadTimes
ResumeThread
CreateThread
GetCurrentThread
GetCurrentThreadId
GetCurrentProcessId
MultiByteToWideChar
WideCharToMultiByte
FindClose
FindFirstFileA
GetFileAttributesA
FindNextFileA
FindNextFileW
FindFirstFileW
FormatMessageA
FreeLibrary
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
GlobalMemoryStatus
DeleteCriticalSection
InitializeCriticalSection
CreatePipe
GetLastError
GetCurrentProcess
DuplicateHandle
WriteFile
GetModuleFileNameA
CloseHandle
Sleep
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
SetStdHandle
SetEndOfFile
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
FlushFileBuffers
InterlockedExchange
ReadFile
VirtualQuery

user32

SendMessageTimeoutA
IsWindowVisible
mouse_event
RegisterClipboardFormatA
wsprintfW
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
ReleaseDC
GetDC
EnumDisplaySettingsA
ChangeDisplaySettingsA
UnhookWindowsHookEx
SetWindowsHookExA
GetForegroundWindow
CallNextHookEx
PostMessageA
ChangeClipboardChain
GetKeyboardState
ToUnicode
ToAscii
EnableWindow
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
OpenDesktopA
EnumDesktopWindows
CloseDesktop
GetClassNameA
GetWindowThreadProcessId
FindWindowA
DialogBoxParamA
EndDialog
SetFocus
EnumDesktopsA
GetProcessWindowStation
SetClipboardViewer
WaitForInputIdle
LoadMenuA
GetSubMenu
SetMenuDefaultItem
SetForegroundWindow
PostQuitMessage
GetMessageA
TranslateMessage
GetWindowTextA
CreateWindowExA
LoadImageA
RegisterClassA
BeginPaint
FillRect
EndPaint
DefWindowProcA
SetCursor
GetAsyncKeyState
GetCursorPos
TrackPopupMenu
GetClientRect
ClientToScreen
SetCapture
GetWindowRect
SetWindowTextA
SetRect
AdjustWindowRect
SetScrollInfo
InvalidateRect
SystemParametersInfoA
ReleaseCapture
GetSystemMetrics
SetWindowPos
ScrollWindowEx
GetClipboardOwner
ShowCursor
UnregisterClassA
GetDlgItem
SendMessageA
CreateDialogParamA
PeekMessageA
MsgWaitForMultipleObjects
DestroyWindow
SetWindowLongA
DispatchMessageA
PostThreadMessageA
AppendMenuA
CheckMenuItem
ModifyMenuA
InsertMenuA
RemoveMenu
GetUpdateRect
GetWindowLongA
UpdateWindow
ShowWindow
GetSystemMenu
EnableMenuItem
MessageBoxA
MessageBeep
EmptyClipboard

gdi32

SelectObject
DeleteDC
GetObjectA
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
GetStockObject
SetStretchBltMode
SetBrushOrgEx
StretchBlt
BitBlt
SelectPalette
RealizePalette
ResizePalette
UnrealizeObject
SetPaletteEntries
DeleteObject
CreatePalette

comdlg32

CommDlgExtendedError
GetSaveFileNameA

shell32

Shell_NotifyIconA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegCloseKey
RegDeleteValueA
RegNotifyChangeKeyValue
RegSetValueExA
RegQueryInfoKeyA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
CreateProcessAsUserA
EqualSid
OpenProcessToken
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
CopySid
GetLengthSid
IsValidSid
FreeSid
AllocateAndInitializeSid
GetTokenInformation

ole32

CoMarshalInterThreadInterfaceInStream
ReleaseStgMedium
OleGetClipboard
OleUninitialize
OleInitialize
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
OleSetClipboard

Sections

.text
Size: 424KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5825e1a12612b4e09c574a0ace675a63

Headers

File Characteristics

Imports

ws2_32

comctl32

kernel32

user32

gdi32

comdlg32

shell32

version

advapi32

ole32

Sections

.text Size: 424KB - Virtual size: 420KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 424KB - Virtual size: 420KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 24KB - Virtual size: 20KB