2025-03-17_bf113f021f87637db50876080626e59c_cerber

Resubmissions

17/03/2025, 03:20

250317-dv6qrs1r15 10

17/03/2025, 03:10

250317-dpep4aytg1 10

Sharing

Copy URL

Twitter E-mail

General

Target

2025-03-17_bf113f021f87637db50876080626e59c_cerber
Size

503KB
MD5

bf113f021f87637db50876080626e59c
SHA1

cb51ccacb638adc682fd4867bd3df3aa0aecd77b
SHA256

01fc8aa528661928144684048e46f52296f1e954b8fba604b22a1015a2186e48
SHA512

99068202057c4ad82d4ce45c19821b9e9732dce9801b2d3318d03a12832b341a36d30b9acf4e58c33b036e34a2c76743c33b4980ad6a26c03d5c3a30722ca03d
SSDEEP

6144:Fj68DTayM6Ct4ejdwtaIfNHt6zxB/gaBIzD4iDZIO7Ouh992STjrBpZwfKIz6W:N6qaJ7F2wwHANV7BqjDZcGPTPiyw6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-03-17_bf113f021f87637db50876080626e59c_cerber

Files

2025-03-17_bf113f021f87637db50876080626e59c_cerber
.exe windows:5 windows x86 arch:x86

e0ba99c0863c5d5222fa5c075c3d1336

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedExchange
LCMapStringA
LCMapStringW
LoadLibraryExW
LocalFree
LocalShrink
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SearchPathW
SetEvent
SetFileApisToOEM
GetSystemInfo
SetFileTime
SetHandleCount
SetLastError
SetMessageWaitingIndicator
SetStdHandle
SetThreadUILanguage
SetUnhandledExceptionFilter
SleepEx
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleInputW
WriteConsoleOutputCharacterW
WriteFile
lstrcatA
lstrcpyA
GetSystemDirectoryA
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessTimes
GetPrivateProfileStructA
GetOEMCP
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFileType
GetEnvironmentStringsW
GetEnvironmentStrings
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleWindow
GetConsoleAliasW
GetCommandLineA
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FreeConsole
FormatMessageA
FlushFileBuffers
FillConsoleOutputCharacterW
ExitProcess
EnumSystemLocalesW
DeviceIoControl
CreateFileW
CloseHandle
ClearCommBreak
CancelIo
AddAtomW
Sleep
GetCPInfo
CreateFileA
GetModuleHandleA
LoadLibraryA
SetFilePointer
GetProcAddress

user32

DlgDirListW
CharToOemBuffA
GetMessageTime
GetDesktopWindow
DrawMenuBar
DestroyWindow
OemKeyScan
OpenIcon
GetSystemMetrics
GetLastActivePopup
CloseClipboard
GetSysColorBrush
GetSysColor
IsGUIThread
IsCharAlphaA
GetCaretBlinkTime
VkKeyScanA
AnyPopup
GetDialogBaseUnits
GetKBCodePage
GetKeyboardType
CharUpperW
GetOpenClipboardWindow
IsCharLowerA
IsMenu
IsCharAlphaNumericA
DestroyCursor
GetWindowContextHelpId
WindowFromDC
GetListBoxInfo
CopyIcon
GetThreadDesktop
GetFocus
GetClipboardData
GetMessagePos
IsWindow
IsWindowEnabled
IsCharUpperA
GetWindowTextLengthW
CharLowerW
IsCharLowerW
IsIconic
GetKeyboardLayout
GetParent
CloseDesktop
GetMenuContextHelpId
GetWindowDC
GetClipboardSequenceNumber
CharNextA
PaintDesktop
IsWindowVisible
CreatePopupMenu
GetAsyncKeyState
GetClipboardViewer
CreateMenu
EndMenu
GetDC
GetTopWindow
IsCharUpperW
GetMessageExtraInfo
GetProcessWindowStation
GetClipboardOwner
VkKeyScanW
ShowCaret

gdi32

GetTextExtentPointW
GetFontData
EngLineTo
GetStockObject
AbortDoc
GetDCPenColor
GetPolyFillMode
GetEnhMetaFileW
StrokePath
GetBkMode
DeleteColorSpace
GetROP2
FlattenPath
PathToRegion
GetStretchBltMode
AddFontResourceW
WidenPath
GdiFlush
GetMapMode
CloseMetaFile
SetMetaRgn
GetSystemPaletteUse
GetFontLanguageInfo
RealizePalette
CreateCompatibleDC
SwapBuffers
SaveDC
DeleteMetaFile
FillPath
CreateSolidBrush
UnrealizeObject
AddFontResourceA
DeleteEnhMetaFile
GetDCBrushColor
BeginPath

advapi32

RegOpenKeyW
OpenServiceA
OpenSCManagerA
ControlService
CloseServiceHandle
RegQueryValueExW

shell32

ShellExecuteW
ShellExecuteEx
ShellAboutW
ShellAboutA
SHPathPrepareForWriteW
SHLoadNonloadedIconOverlayIdentifiers
SHIsFileAvailableOffline
SHGetIconOverlayIndexA
SHGetFolderPathA
SHGetDiskFreeSpaceExW
SHGetDesktopFolder
SHFreeNameMappings
SHCreateDirectoryExA
SHChangeNotify
SHBrowseForFolderW
SHBindToParent
SHAppBarMessage
FindExecutableW
ExtractIconExA
ExtractAssociatedIconW
DragQueryPoint
CommandLineToArgvW

ole32

CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize

shlwapi

StrChrW
StrCmpNIW
StrRChrA
StrRChrIW
StrChrIW

Sections

.text
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

e0ba99c0863c5d5222fa5c075c3d1336

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 447KB - Virtual size: 446KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 447KB - Virtual size: 446KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB