E:\fjca\CAClient\Release\FJCASOF_SKF_DLL.pdb
Static task
static1
Behavioral task
behavioral1
Sample
ab410e2b27ca9dbfcd45b2772603ca9244ce572f4d1fa0bb64d02303d3937e1b.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ab410e2b27ca9dbfcd45b2772603ca9244ce572f4d1fa0bb64d02303d3937e1b.dll
Resource
win10v2004-20240412-en
General
Target: ab410e2b27ca9dbfcd45b2772603ca9244ce572f4d1fa0bb64d02303d3937e1b
Size: 2.4MB
MD5: 434046853d56b1e09db813290d50b813
SHA1: 3e1be49a885cb9ac3b9b25a20c10d0f53ecd02ce
SHA256: ab410e2b27ca9dbfcd45b2772603ca9244ce572f4d1fa0bb64d02303d3937e1b
SHA512: 436c112a5f6e43c999c9bed6cd1123b82ade5321adb5abb73c53f5b3f9b058464b7240609ac3be761af32641bd4f61c2b909238f331d5b7ac3d8b5c2c520b822
SSDEEP: 49152:XIwIgy4qv0mStGba9f5+SzbnjXZKA5WU+ejYNkZ6GLvU2/JKk5g10JG3i05a+J8i:YjB4qvHZkf5+SvnjXZKA5WYkNg6GLvUx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ab410e2b27ca9dbfcd45b2772603ca9244ce572f4d1fa0bb64d02303d3937e1b
Files
ab410e2b27ca9dbfcd45b2772603ca9244ce572f4d1fa0bb64d02303d3937e1b.dll windows:5 windows x86 arch:x86
46167d107bd795c20a76581a5c020683
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
ws2_32
recv
WSACleanup
setsockopt
shutdown
htons
closesocket
htonl
WSAStartup
connect
gethostname
WSAStringToAddressA
gethostbyname
send
WSAGetLastError
WSASocketA
kernel32
GetCommandLineA
HeapReAlloc
ExitProcess
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetTimeFormatA
GetDateFormatA
GetDriveTypeW
CreateDirectoryA
ExitThread
SetStdHandle
GetDriveTypeA
FindFirstFileExA
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
HeapQueryInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleCP
SetHandleCount
GetStartupInfoW
HeapCreate
HeapDestroy
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
LCMapStringW
GetLocaleInfoW
CreateFileW
GetCurrentDirectoryW
GetProcessHeap
GetFileInformationByHandle
PeekNamedPipe
GetStringTypeW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
InitializeCriticalSectionAndSpinCount
GetTempPathA
GetTempFileNameA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
GetNumberFormatA
GetWindowsDirectoryA
GetOEMCP
GetCPInfo
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
MoveFileA
CreateFileA
lstrcmpiA
lstrcpyA
DeleteFileA
GetACP
GlobalFlags
InterlockedIncrement
FileTimeToSystemTime
HeapAlloc
SetErrorMode
LocalReAlloc
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
LoadLibraryW
lstrcmpW
ResumeThread
SetThreadPriority
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
lstrcmpA
GetModuleHandleW
InterlockedDecrement
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
FindResourceA
FreeResource
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
SetLastError
lstrlenA
GetConsoleScreenBufferInfo
WriteConsoleA
GetConsoleMode
WriteFile
SetConsoleTextAttribute
AllocConsole
OutputDebugStringA
LockFileEx
UnlockFile
SwitchToThread
InterlockedExchange
Sleep
GetCurrentDirectoryA
InterlockedExchangeAdd
InterlockedCompareExchange
GetSystemTimeAsFileTime
TlsFree
TlsAlloc
TlsSetValue
DeleteCriticalSection
ResetEvent
EnterCriticalSection
ReleaseSemaphore
CreateSemaphoreA
LeaveCriticalSection
CreateEventA
InitializeCriticalSection
SetEvent
WaitForSingleObject
TlsGetValue
FlushConsoleInputBuffer
GetVersionExA
CloseHandle
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetStdHandle
GetFileType
GetVersion
GetCurrentThreadId
MultiByteToWideChar
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetLastError
GetCurrentProcess
FreeLibrary
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
FindResourceW
HeapFree
DecodePointer
EncodePointer
CreateThread
user32
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
SubtractRect
DestroyCursor
MapDialogRect
DrawIcon
GetWindowRgn
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
SetClassLongA
SetParent
DrawIconEx
GetNextDlgGroupItem
LoadImageA
CopyImage
GetIconInfo
HideCaret
DrawFocusRect
InvertRect
MapVirtualKeyA
GetMenuDefaultItem
SetMenuDefaultItem
GetMenuItemInfoA
CreatePopupMenu
IsMenu
DestroyMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
ReleaseCapture
WindowFromPoint
SetCapture
RedrawWindow
SetWindowRgn
GetSystemMenu
LoadMenuW
IntersectRect
OffsetRect
InflateRect
CharUpperA
DestroyIcon
IsIconic
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
KillTimer
SetTimer
DeleteMenu
RealChildWindowFromPoint
LoadCursorA
GetSystemMetrics
GetSysColorBrush
UnregisterClassA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
WinHelpA
IsChild
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ScreenToClient
ClientToScreen
GetWindowRect
PtInRect
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
GetWindow
SetFocus
GetClassNameA
InvalidateRect
UpdateWindow
GetClientRect
FillRect
DrawStateA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetCursor
PostMessageA
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
MapVirtualKeyExA
IsCharLowerA
GetKeyNameTextA
WaitMessage
PostThreadMessageA
CharUpperBuffA
CopyIcon
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
FrameRect
SendDlgItemMessageA
RegisterClipboardFormatA
EndDialog
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
SendMessageA
EnableWindow
GetCapture
DestroyAcceleratorTable
gdi32
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
CreateDIBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
SetWindowExtEx
CreateEllipticRgn
Polyline
SetWindowOrgEx
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceA
GetPixel
GetWindowExtEx
GetViewportExtEx
GetTextColor
OffsetWindowOrgEx
CreateRectRgn
SelectClipRgn
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetStockObject
CreateSolidBrush
CreateBitmap
CopyMetaFileA
CreateDCA
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
Escape
ExtTextOutA
TextOutA
RectVisible
DeleteObject
Ellipse
DeleteDC
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
PtVisible
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumKeyA
ReportEventA
RegisterEventSourceA
OpenProcessToken
GetTokenInformation
CopySid
RegSetValueExA
RegCreateKeyExA
GetLengthSid
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
DeregisterEventSource
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
DragQueryFileA
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
DragFinish
SHAppBarMessage
ShellExecuteA
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
CoUninitialize
CoCreateInstance
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
oleaut32
VariantInit
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
SysAllocString
VariantClear
SysAllocStringLen
SysFreeString
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Exports
_FJCA_SKF_CloseKey@0
_FJCA_SKF_DecryptDataByPrivateKeyOnUsbKey@8
_FJCA_SKF_EncryptDataByPublicKey@12
_FJCA_SKF_ExportUserCert@8
_FJCA_SKF_GenRSACSR@8
_FJCA_SKF_GenSM2CSR@4
_FJCA_SKF_GetCertCN@8
_FJCA_SKF_GetCertExtensionInfoById@12
_FJCA_SKF_GetCertNotAfter@8
_FJCA_SKF_GetCertNotBefore@8
_FJCA_SKF_GetCertSerial@8
_FJCA_SKF_GetCertSignatureAlgorithmFromCert@8
_FJCA_SKF_GetPinTimes@0
_FJCA_SKF_InstallECCEncCert@16
_FJCA_SKF_InstallRSAEncCert@16
_FJCA_SKF_InstallSignCert@8
_FJCA_SKF_IsUsbKeyConnected@0
_FJCA_SKF_OpenKey@0
_FJCA_SKF_SavePin@4
_FJCA_SKF_SignData@12
_FJCA_SKF_SignFile@8
_FJCA_SKF_VerifyFileSign@12
_FJCA_SKF_VerifySign@12
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 436KB - Virtual size: 436KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ