2025-02-06_2aaf48622a9038cafd1b24a67edffe6b_cerber

Sharing

Copy URL

Twitter E-mail

General

Target

2025-02-06_2aaf48622a9038cafd1b24a67edffe6b_cerber
Size

461KB
MD5

2aaf48622a9038cafd1b24a67edffe6b
SHA1

caa4bfee28c14cf3ee04546299d71352f314fac2
SHA256

f05fbdaada861682585ad99f18216c6d94092fcf759b1b17728e406a05365f07
SHA512

79f109d5fca63efd8e9a0c793917c9f19a361075e540f12f907e1525bf959182b66527bdc0db28bd11a5a2ac6247660a6fb29c39992f3311a9f3e7a32c53c7d2
SSDEEP

6144:PdacLxjXfqySXDE7DbZ+gBTv3Ud7q9hyqOWyrXN5Vo/hghtj1/nfkL/Ow:jtVSTE7DbpBfO9X/VXtjti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-02-06_2aaf48622a9038cafd1b24a67edffe6b_cerber

Files

2025-02-06_2aaf48622a9038cafd1b24a67edffe6b_cerber
.exe windows:5 windows x86 arch:x86

a449c97202743f42c7a39ea9c6217832

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapUserPhysicalPages
MultiByteToWideChar
ReadConsoleOutputAttribute
RemoveDirectoryA
RtlUnwind
SetHandleCount
SetLastError
SetSystemTimeAdjustment
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WideCharToMultiByte
WriteFile
LocalFree
LeaveCriticalSection
LCMapStringW
LCMapStringA
InitializeCriticalSection
HeapReAlloc
HeapFree
HeapDestroy
GetProcAddress
LoadLibraryA
CreateFileA
CreateDirectoryA
CreateHardLinkW
DeleteCriticalSection
EnterCriticalSection
EnumSystemCodePagesW
ExitProcess
FindNextFileA
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetModuleHandleA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
HeapCreate
GetOEMCP
GetPrivateProfileIntA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
HeapAlloc
GlobalReAlloc
GlobalAlloc
GetVersionExA

user32

WINNLSGetEnableStatus
TabbedTextOutA
SetClassLongW
ScrollDC
ReuseDDElParam
IsDialogMessageA
GetUserObjectSecurity
GetOpenClipboardWindow
GetDlgCtrlID
GetAltTabInfo
FlashWindow
FindWindowA
EnumChildWindows
DrawIconEx
DragObject
DefDlgProcW
CreateMDIWindowW
CharNextA
CreateMenu
GetDialogBaseUnits
GetShellWindow
GetQueueStatus
GetParent
LoadCursorFromFileW
CreatePopupMenu
IsWindowVisible
VkKeyScanW
AnyPopup
DestroyCursor
GetDC
IsCharAlphaW
GetCapture
LoadIconW
LoadIconA
ShowCaret
GetClipboardViewer
IsCharLowerW
GetMessageExtraInfo
GetInputState
GetFocus
InsertMenuItemW

gdi32

OffsetClipRgn
GetStringBitmapW
GetStockObject
GetRelAbs
GetRandomRgn
GetMapMode
GetClipBox
GdiResetDCEMF
GdiPlayDCScript
GdiEntry3
GdiEntry16
GdiEntry12
GdiEndPageEMF
GdiConvertMetaFilePict
GdiConsoleTextOut
FONTOBJ_vGetInfo
FONTOBJ_pxoGetXform
EngQueryEMFInfo
EngGetCurrentCodePage
PolyBezier
DeviceCapabilitiesExW
CreateRectRgn
CreateCompatibleBitmap
CopyEnhMetaFileA
CreateSolidBrush
GetTextCharacterExtra
AddFontResourceA
BeginPath
GetEnhMetaFileW
DeleteColorSpace
FillPath
SaveDC
GetBkColor
RealizePalette
SelectBrushLocal
SetEnhMetaFileBits
RectInRegion
TranslateCharsetInfo
XLATEOBJ_cGetPalette
PolyPolyline
EndPage
TextOutA

advapi32

RegOpenKeyW
RegQueryValueExW

shell32

Shell_NotifyIconW
ShellHookProc
ShellExecuteW
ShellExecuteExA
ShellExecuteEx
ShellAboutA
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHGetInstanceExplorer
SHGetIconOverlayIndexA
SHGetFolderPathW
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceA
SHFreeNameMappings
SHFileOperation
SHEmptyRecycleBinA
SHChangeNotify
SHBindToParent
FindExecutableA
ExtractIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconExA
ExtractAssociatedIconA
DragQueryFileAorW
DragQueryFileA
DoEnvironmentSubstA
SHGetSettings
WOWShellExecute

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

StrChrA
StrChrW
StrCmpNIA
StrCmpNW
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIA

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a449c97202743f42c7a39ea9c6217832

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 342KB - Virtual size: 342KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 342KB - Virtual size: 342KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 13KB - Virtual size: 13KB