2025-03-06_775b66fe56da920efc4a9ff5ab7ae4d3_cerber

Sharing

Copy URL

Twitter E-mail

General

Target

2025-03-06_775b66fe56da920efc4a9ff5ab7ae4d3_cerber
Size

512KB
MD5

775b66fe56da920efc4a9ff5ab7ae4d3
SHA1

00776bb6387db3e7576e0a5c67f0d780cf846480
SHA256

cfb1ec7d3d81c8a212ed6ef0493c2b3132c99644405dd0ccef236d4d6b734d91
SHA512

7f34294c7621e6ad4a7893bed125d80386e006d10b3d245d86e4381e8e1257b1bbb8ac4b532c6437d7616020924647ec128e43b80754d3c991e5434288e5d4f6
SSDEEP

6144:1CuacLxiL7o3VAjRHjPLn4ngywlZedJg6wB+kydnpCQitTqLFnfkL/Owf:EOkLmAjdjLn4gyqUnkydnpCjxOil

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-03-06_775b66fe56da920efc4a9ff5ab7ae4d3_cerber

Files

2025-03-06_775b66fe56da920efc4a9ff5ab7ae4d3_cerber
.exe windows:5 windows x86 arch:x86

a9709a1e3e486ecc87cdda4db2012e21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetCompressedFileSizeW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentConsoleFont
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesExW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameW
GetLargestConsoleWindowSize
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetOEMCP
GetPrivateProfileStringW
GetPrivateProfileStructA
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadLocale
GetThreadPriorityBoost
GetTickCount
GetTimeZoneInformation
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadHugeWritePtr
IsBadReadPtr
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
MapUserPhysicalPagesScatter
Module32FirstW
MulDiv
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadFile
ReadProcessMemory
RequestDeviceWakeup
RtlUnwind
SetEnvironmentVariableA
SetEvent
SetFilePointer
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetTapePosition
SetUnhandledExceptionFilter
SetVolumeMountPointA
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
Thread32Next
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjectsEx
WaitForSingleObject
WaitNamedPipeA
WideCharToMultiByte
WriteConsoleA
WriteConsoleOutputA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WritePrivateProfileStructW
WriteProcessMemory
lstrcmpA
lstrcmpW
lstrcmpiW
lstrlenA
lstrlenW
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushInstructionCache
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FatalAppExitA
ExitThread
ExitProcess
EscapeCommFunction
EnumResourceNamesW
EnumDateFormatsW
EnterCriticalSection
EndUpdateResourceW
DeleteVolumeMountPointW
DeleteFileW
DeleteCriticalSection
DebugActiveProcess
CreateThread
CreateMailslotA
CreateFileA
CreateEventW
CreateDirectoryW
ConvertThreadToFiber
CompareStringW
CompareStringA
CloseHandle
GetModuleHandleA
LoadLibraryA
GetProcAddress
IsValidCodePage
CreateFileW

user32

IMPSetIMEA
InflateRect
InvalidateRect
InvalidateRgn
IsChild
IsDlgButtonChecked
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
LoadAcceleratorsW
LoadBitmapA
LoadCursorW
LoadImageW
LoadMenuW
LoadStringA
LoadStringW
MapWindowPoints
MessageBeep
MessageBoxW
MonitorFromPoint
MoveWindow
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassExW
RegisterClassW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
SendMessageW
SetCapture
SetDlgItemInt
SetDlgItemTextW
SetFocus
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetPropW
SetRect
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
UnhookWinEvent
UnloadKeyboardLayout
UnregisterClassA
UnregisterClassW
UnregisterDeviceNotification
WindowFromPoint
wvsprintfW
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowLongW
GetWindow
GetSysColor
GetSubMenu
GetParent
GetMonitorInfoW
GetMessageW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetKeyboardLayoutList
GetFocus
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetDesktopWindow
GetDC
GetClientRect
GetClassNameW
GetClassInfoExW
GetActiveWindow
FillRect
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
DrawTextW
DrawFrameControl
DrawFrame
DrawFocusRect
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyAcceleratorTable
DefWindowProcW
CreateWindowExW
CreatePopupMenu
CreateMDIWindowA
CreateDialogParamW
CreateCaret
CreateAcceleratorTableW
CopyRect
CheckDlgButton
CharNextW
CharNextA
LoadIconA
LoadIconW
AppendMenuW
BeginPaint
CallWindowProcW
CharLowerBuffW
ClientToScreen

gdi32

SetROP2
SetICMProfileA
SetBkMode
SetBkColor
SetArcDirection
SelectObject
RemoveFontResourceTracking
PolyBezierTo
PATHOBJ_vEnumStartClipLines
GetViewportExtEx
GetStockObject
SetViewportOrgEx
BitBlt
GetMetaRgn
GetDeviceCaps
GetDIBits
GdiGetPageHandle
GdiConvertDC
ExtTextOutW
DeleteObject
DeleteMetaFile
DeleteDC
CreateSolidBrush
CreateFontIndirectW
CreateEllipticRgnIndirect
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
GetObjectW

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegSetValueExW

shell32

SHPathPrepareForWriteA
SHGetSpecialFolderPathA
SHGetFileInfoW
SHGetFileInfo
SHChangeNotify
DragQueryFile
ShellExecuteW

ole32

CoTaskMemRealloc
CoUninitialize
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
ReleaseStgMedium
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoGetClassObject
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree

shlwapi

PathIsDirectoryW
PathRemoveFileSpecW
StrRStrIA
StrStrIA
StrStrW
PathFileExistsW

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9709a1e3e486ecc87cdda4db2012e21

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 339KB - Virtual size: 339KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 339KB - Virtual size: 339KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 13KB - Virtual size: 13KB