htcacheclean[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

htcacheclean.exe
Size

52KB
MD5

d0943b6ddc3e18d4f9103dd927c7af35
SHA1

55784041459bcb9817bc32d3810fe836cfba7c21
SHA256

07a1ad6da84b9d7fef5feaae33476678bd9d4ac901e8ebdd0c48c007b2c616a4
SHA512

ff80a4df30baa1f6edf3e92d11c896b74edcd42aaefa2a09fd43e52b061a70a4114f3ec4e90fa3a874111dd5439a58b268bc3cfb398abd4541f42fa8106499cf
SSDEEP

768:EzNN7K1Ya6MIU/im/eyp8YPpQjWoUiwJ++wTL0ro05T65m4hVab/n5qmm:EPK1YlDsx/j6Co4c+mLGoc665qmm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
htcacheclean.exe

Files

htcacheclean.exe
.exe windows:4 windows x86 arch:x86

5788646b73ad2e99aa766a4e4165f106

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
_onexit
__dllonexit
toupper
atoi
_ftol
modf
realloc
__p__environ
__p__wenviron
strncmp
fprintf
_iob
_errno
memchr
wcslen
wcscpy
wcschr
__mb_cur_max
_isctype
_pctype
wcsncmp
free
malloc
strrchr
strchr
exit
signal
_strnicmp
_stricmp

kernel32

UnlockFileEx
UnlockFile
LockFileEx
LockFile
LoadLibraryA
GetProcAddress
GetVersionExA
TerminateProcess
SetEvent
ReleaseMutex
CreateMutexA
RemoveDirectoryW
RemoveDirectoryA
FindNextFileW
FindNextFileA
TlsFree
TlsAlloc
GetCommandLineW
GlobalFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
LocalFree
GetFileType
GetLastError
GetFileInformationByHandle
FindFirstFileA
GetDriveTypeA
GetFullPathNameW
FindClose
FindFirstFileW
GetSystemTimeAsFileTime
Sleep
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetStdHandle
EnterCriticalSection
GetExitCodeProcess
WaitForSingleObject
SetStdHandle
SetFilePointer
CreateFileA
WriteFile
DeleteFileA
DeleteFileW
SetLastError
GetDriveTypeW
GetFullPathNameA
GetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryA
SetCurrentDirectoryW
CreateEventA
GetOverlappedResult
ReadFile
PeekNamedPipe
CreateFileW

advapi32

FreeSid
AllocateAndInitializeSid

wsock32

WSAStartup
WSACleanup
ntohl

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5788646b73ad2e99aa766a4e4165f106

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

wsock32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB