Static task: static1
Behavioral task: behavioral1
  Sample: 缓存补丁制作工具.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 缓存补丁制作工具.exe
  Resource: win10v2004-20230703-en
General
Target: 缓存补丁制作工具.exe (the filename reads "cache patch creation tool")
Size: 3.5MB
MD5: b1e0ae88f76dde79e1d3bada8e042855
SHA1: c4c36f268b72e5fc1836533ad6df07dae820ae8d
SHA256: c4475775163ad1d65cf54f48bc5e9cf9ad32f0a15e0143f9597c8530d6dcab2f
SHA512: b9d9cb5e50967025ddd4943e12d32a98d897d07cf48aaeef648cfd2bf3259ebfd40adea54f38a7f2ac35b436a5d7c36dc6ec0661d44404e5a28cb2c5a65f78e8
SSDEEP: 98304:dHuEGIIL2F9BhMDR2SFz6dRgMzFZ4Ky+rFLOAkGkzdnEVomFHKnP:dHFnF/hEggMzFZ4KymFLOyomFHKnP
Malware Config: none listed
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 缓存补丁制作工具.exe
  Reading: this is an absence-of-signature heuristic, not evidence of malicious behaviour; many small third-party utilities ship unsigned. What it does mean is that no publisher can be tied to the file, so the hashes above are its only stable identity, and any verdict has to come from the behavioral runs and the static details below rather than from provenance.
Files
缓存补丁制作工具.exe.exe (windows, x86): 2ca589a1fa0d2be3bedc16b7f2c6168b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Reading: the image opts in to ASLR (DYNAMIC_BASE) and DEP (NX_COMPAT). IMAGE_DLLCHARACTERISTICS_GUARD_CF is not among the flags, so Control Flow Guard is off. IMAGE_FILE_32BIT_MACHINE with no IMAGE_FILE_RELOCS_STRIPPED means a 32-bit image that keeps its relocations (see the .reloc section below), which is what ASLR needs in order to actually rebase it.
Imports
Reading: the set below is what a statically linked MFC GUI application pulls in (oledlg ord8, GlobalAddAtomA/GlobalFindAtomA/GlobalDeleteAtom, DefFrameProcA/DefMDIChildProcA/TranslateMDISysAccel, ReuseDDElParam/UnpackDDElParam, the SetWindowsHookExA/CallNextHookEx/UnhookWindowsHookEx trio MFC uses as a CBT hook to attach CWnd objects to windows at creation, and the uxtheme and GDI+ drawing calls). IsDebuggerPresent, SetUnhandledExceptionFilter/UnhandledExceptionFilter, QueryPerformanceCounter, GetSystemTimeAsFileTime and IsProcessorFeaturePresent are the CRT's startup and security-cookie code rather than deliberate anti-debugging. The file-handling calls (CreateFileMappingA/MapViewOfFile, LockFile/UnlockFile, CopyFileA, DeleteFileA, GetTempFileNameA, SearchPathA, ShellExecuteA) and the advapi32 Reg* writers are consistent with a tool that produces patch files, and are the ones to watch in the behavioral runs; VirtualProtect is imported as well.
kernel32
GetFileInformationByHandleEx
AreFileApisANSI
GetLocaleInfoEx
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
OutputDebugStringW
GetCPInfoExW
InitOnceBeginInitialize
InitOnceComplete
GetModuleHandleExW
LCIDToLocaleName
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
FindResourceExW
GetTempFileNameA
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
Sleep
GetTickCount64
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
VirtualProtect
lstrcmpiA
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
FileTimeToSystemTime
GetACP
GetFileAttributesA
GetThreadLocale
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
CreateFileA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomA
SetThreadPriority
WaitForSingleObject
SetEvent
CopyFileA
FormatMessageA
MulDiv
GlobalSize
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
GlobalUnlock
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryA
FindResourceA
GlobalFree
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
GetVersionExA
GetCurrentThread
SetLastError
DeleteCriticalSection
DecodePointer
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SetFilePointerEx
CreateThread
WriteFile
SetFilePointer
FindResourceW
LoadResource
LockResource
SizeofResource
LocalFree
LocalAlloc
TerminateProcess
WideCharToMultiByte
GetTempPathA
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
GetLastError
MultiByteToWideChar
ExitProcess
OutputDebugStringA
LoadLibraryW
CreateFileW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
user32
GetNextDlgGroupItem
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassLongA
SetWindowLongA
EqualRect
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
InvalidateRect
UpdateWindow
SetCursor
ShowOwnedPopups
ValidateRect
MessageBeep
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
MonitorFromPoint
MapVirtualKeyA
GetKeyNameTextA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
PtInRect
GetCursorPos
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
TrackMouseEvent
IsZoomed
CharUpperA
DrawIconEx
IsWindow
DestroyWindow
GetAsyncKeyState
LoadMenuW
GetMenuStringA
GetLastActivePopup
GetWindowThreadProcessId
EnumDisplayMonitors
GetMonitorInfoA
SystemParametersInfoA
LoadCursorW
LoadCursorA
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoA
DefWindowProcA
GetDesktopWindow
GetWindowLongA
SetActiveWindow
IsWindowEnabled
GetSystemMenu
NotifyWinEvent
SetCursorPos
UnionRect
DestroyAcceleratorTable
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuItemInfoA
OpenClipboard
GetActiveWindow
GetNextDlgTabItem
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageA
LoadImageW
GetKeyState
SetParent
GetMenuDefaultItem
SetMenuDefaultItem
CreateDialogIndirectParamA
EndDialog
GetDlgItem
ModifyMenuA
IsRectEmpty
GetWindowRgn
DestroyCursor
InvertRect
HideCaret
GetClassNameA
EnableWindow
LoadIconW
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
MessageBoxA
UnregisterClassA
PostMessageA
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
RegisterWindowMessageA
DrawEdge
DrawFrameControl
IsWindowVisible
GetFocus
DrawStateA
SetWindowRgn
RedrawWindow
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
PostThreadMessageA
IsClipboardFormatAvailable
FrameRect
CharUpperBuffA
SubtractRect
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
UpdateLayeredWindow
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
GetUpdateRect
SetClassLongA
CheckMenuItem
gdi32
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectA
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesA
GetDeviceCaps
GetStockObject
GetTextCharsetInfo
GetObjectA
CopyMetaFileA
CreateDCA
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
CreateCompatibleBitmap
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetRgnBox
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
BitBlt
GetTextMetricsA
Polyline
Polygon
CreatePolygonRgn
ExtTextOutA
PatBlt
GetTextExtentPoint32A
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
GetMapMode
DeleteDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
shell32
SHAppBarMessage
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoA
SHBrowseForFolderA
DragFinish
ShellExecuteA
SHGetPathFromIDListA
DragQueryFileA
SHGetSpecialFolderLocation
comctl32
InitCommonControlsEx
shlwapi
PathIsUNCA
PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
StrFormatKBSizeA
uxtheme
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
OpenThemeData
CloseThemeData
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
ole32
CoInitialize
CoCreateInstance
CoUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoTaskMemFree
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
VariantClear
VariantInit
VariantCopy
VarBstrFromDate
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantChangeType
SysAllocStringLen
oledlg
ord8
gdiplus
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipBitmapLockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
ntdll
RtlImageNtHeader
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundA
msvcrt
_clearfp
_CIlog10
_strtoui64
___lc_handle_func
?terminate@@YAXXZ
?_set_new_mode@@YAHH@Z
_setmbcp
_acmdln
__set_app_type
_XcptFilter
__getmainargs
_unlock
_lock
__pctype_func
___mb_cur_max_func
___lc_codepage_func
_controlfp_s
wctomb_s
_mbtowc_l
wcstol
strrchr
tolower
__CxxFrameHandler3
strchr
memcpy
memset
memmove
_CxxThrowException
memcmp
wcsrchr
_except_handler4_common
_amsg_exit
__p__commode
isspace
malloc
free
strtol
_errno
toupper
_mktime64
abort
calloc
_aligned_free
_aligned_malloc
wcslen
strcat_s
_strdup
strlen
strnlen
_mbsstr
_mbsicmp
_mbsinc
_mbslwr_s
_mbsupr_s
_splitpath_s
wcscpy_s
_mbsicoll
_mbsnbcmp
_ismbcspace
labs
_mbsnbcpy_s
_resetstkoflw
realloc
_mbschr
_mbscmp
wcscat_s
wcsnlen
strcpy_s
_makepath_s
_ismbblead
_expand
_msize
atoi
_mbscspn
_mbspbrk
_mbsrchr
_mbsspn
ldiv
_ismbcdigit
strtoul
_ltoa_s
_ultoa_s
wcsncpy_s
abs
sin
ceil
floor
cos
exp
sqrt
clock
atol
strncpy_s
_localtime64_s
_beginthread
_endthread
rand_s
_mbscoll
_ismbcalnum
_ismbcalpha
_ismbcprint
_mbctolower
_mbctoupper
atan2
_initterm
_initterm_e
_set_fmode
Sections
.text Size: 1.5MB - Virtual size: 1.5MB (IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ)
.rdata Size: 439KB - Virtual size: 439KB (IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ)
.data Size: 21KB - Virtual size: 37KB (IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE)
.rsrc Size: 1.4MB - Virtual size: 1.4MB (IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ)
.reloc Size: 140KB - Virtual size: 139KB (IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ)
Reading: the layout is the standard MSVC one. The only executable section (.text) is not writable and the only writable section (.data) is not executable, so nothing in the image is W+X; raw and virtual sizes agree everywhere except .data, whose extra 16KB is zero-initialised data. .rsrc accounts for 1.4MB of the 3.5MB file, so the resources (dialogs, images, any embedded files) are worth dumping and hashing separately. A .reloc section is present, which is what makes the DYNAMIC_BASE flag in the headers effective.
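The three static checks the report presents (the Unsigned PE signature, the DLL Characteristics hardening flags and the section permission bits) can be reproduced from the raw headers with a few dozen lines of standard-library Python. The script below is an added example, not part of the sandbox report and not the sandbox's own signature logic; it parses the PE headers by hand so it runs offline. The flag values and names are the winnt.h ones; `build_sample_pe()` constructs a header-only test image (not the analysed binary) so that `sample_matching_report()` can carry exactly the flags and section permissions listed above. Note that `has_authenticode_blob` only reports whether a WIN_CERTIFICATE blob is attached, which is what the "Unsigned PE" check tests; whether a present signature actually verifies is a separate question for WinVerifyTrust or osslsigncode.

```python
"""Static PE triage: hardening flags, Authenticode presence and section W^X.
Added example (standard library only); build_sample_pe() makes constructed test images."""
import struct

IMAGE_FILE_RELOCS_STRIPPED = 0x0001                      # flag values as in winnt.h
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_GUARD_CF = 0x4000
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000


def triage_pe(data: bytes) -> dict:
    """Parse the headers of a PE32/PE32+ image and return the facts a triage needs."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    _, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dd_off = 96 if magic == 0x10B else 112               # where the data directories start
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    num_dirs = struct.unpack_from("<I", data, opt + dd_off - 4)[0]
    sig_off = sig_size = 0
    if num_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # The security directory holds a FILE OFFSET (not an RVA) of the WIN_CERTIFICATE blob.
        sig_off, sig_size = struct.unpack_from(
            "<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, _, _, _, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "execute": bool(flags & IMAGE_SCN_MEM_EXECUTE),
                         "write": bool(flags & IMAGE_SCN_MEM_WRITE)})
    return {
        "is_32bit": bool(fchars & IMAGE_FILE_32BIT_MACHINE),
        "relocs_stripped": bool(fchars & IMAGE_FILE_RELOCS_STRIPPED),
        "aslr": bool(dllchars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "dep": bool(dllchars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "cfg": bool(dllchars & IMAGE_DLLCHARACTERISTICS_GUARD_CF),
        # Presence of a blob only; whether it verifies needs WinVerifyTrust or osslsigncode.
        "has_authenticode_blob": sig_size > 0 and sig_off + sig_size <= len(data),
        "wx_sections": [s["name"] for s in sections if s["execute"] and s["write"]],
        "sections": sections,
    }


def findings(report: dict) -> list:
    """Reduce the parsed facts to the one-line observations an analyst wants."""
    out = []
    if not report["has_authenticode_blob"]:
        out.append("Unsigned PE: no Authenticode signature attached")
    if not report["aslr"]:
        out.append("ASLR opted out (no DYNAMIC_BASE)")
    elif report["relocs_stripped"]:
        out.append("DYNAMIC_BASE set but relocations stripped: image cannot be rebased")
    if not report["dep"]:
        out.append("DEP opted out (no NX_COMPAT)")
    if not report["cfg"]:
        out.append("Control Flow Guard not enabled")
    out.extend("section %s is writable and executable" % n for n in report["wx_sections"])
    return out


def build_sample_pe(dllchars, sections, signed=False,
                    fchars=IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE) -> bytes:
    """Construct a header-only PE32 image (no code, constructed data) for triage_pe()."""
    e_lfanew, opt_size = 0x40, 224
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, fchars)
    hdr_end = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic
    struct.pack_into("<H", opt, 70, dllchars)
    struct.pack_into("<I", opt, 92, 16)                   # NumberOfRvaAndSizes
    if signed:  # point the security directory at a 16-byte dummy blob appended after the headers
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, hdr_end, 16)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"),
                                 0x1000, 0, 0x1000, 0, 0, 0, 0, 0, f) for n, f in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table + (b"\0" * 16 if signed else b"")


def sample_matching_report() -> bytes:
    """Constructed image carrying the flags and section permissions the report lists."""
    R, X, W = IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE
    return build_sample_pe(
        IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT
        | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE,
        [(".text", R | X), (".rdata", R), (".data", R | W), (".rsrc", R), (".reloc", R)])
```

To run it against a real file, read it with `open(path, "rb").read()` and pass the bytes to `triage_pe()`; for the image mirroring this report, `findings(triage_pe(sample_matching_report()))` yields just the unsigned-PE line and the missing-CFG line, which is the same picture the Signatures and Headers sections give. The `relocs_stripped` branch is the edge case worth keeping: a DYNAMIC_BASE flag on an image whose relocations were stripped looks hardened in a flag listing but is never actually rebased by the loader.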