E:\fjca\CAClient\Release\CAClientUpdate.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 7377f5e9d818e8d21688dbaa313680cfd965afe81a3de0b5c996de5f5dcc35cf.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7377f5e9d818e8d21688dbaa313680cfd965afe81a3de0b5c996de5f5dcc35cf.exe
Resource: win10v2004-20240412-en
General
Target: 7377f5e9d818e8d21688dbaa313680cfd965afe81a3de0b5c996de5f5dcc35cf
Size: 1.7MB
MD5: 038fc2c4a81920f511015e8fc52f23fa
SHA1: aa13cead725d4f8efe9bdbaecf99c202b0bfec15
SHA256: 7377f5e9d818e8d21688dbaa313680cfd965afe81a3de0b5c996de5f5dcc35cf
SHA512: 24edb7aebf9b2d094c1779f89c0841568d60dfe3010ed9251c2a574c92fbbe4c0b8712b60add64c2281e49dda507a3ba01f25cb0ee4258c7e5642d9dcf34c192
SSDEEP: 49152:E4hjm7Z/IHgR0+xMXzKdJwDILjCPYidGeFcAHJdXgfaeE2V+:Rjm7Z/IHgR5EKJwDcjCPYidGeFce+ae8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7377f5e9d818e8d21688dbaa313680cfd965afe81a3de0b5c996de5f5dcc35cf
Files
7377f5e9d818e8d21688dbaa313680cfd965afe81a3de0b5c996de5f5dcc35cf.exe windows:5 windows x86 arch:x86
4a4a176544cf4d19733fb4d290193306
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
HttpSendRequestA
InternetOpenUrlA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetCloseHandle
InternetOpenA
HttpQueryInfoA
InternetCrackUrlA
InternetConnectA
InternetReadFile
kernel32
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
HeapCreate
WriteConsoleW
CompareStringW
FindResourceW
LoadResource
WideCharToMultiByte
SizeofResource
LockResource
Sleep
GetModuleFileNameA
LCMapStringW
GetCurrentProcess
GetWindowsDirectoryA
GetProcAddress
GetModuleHandleA
DeleteFileA
GetLastError
lstrcatA
lstrcpyA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
OpenProcess
TerminateProcess
CloseHandle
CreateFileA
WaitForSingleObject
GetFileAttributesA
CopyFileA
MoveFileA
GetFileTime
lstrlenA
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetStdHandle
SetHandleCount
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
ExitThread
RaiseException
ExitProcess
RtlUnwind
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapFree
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
SearchPathA
MultiByteToWideChar
GetProfileIntA
GetNumberFormatA
EnterCriticalSection
DeleteCriticalSection
Process32First
GetTempFileNameA
SetErrorMode
GetOEMCP
GetCPInfo
GetACP
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentDirectoryA
GlobalFlags
InitializeCriticalSection
GetFileSizeEx
GetFileAttributesExA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindClose
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
LoadLibraryW
lstrcmpW
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
GetTickCount
ResumeThread
SetThreadPriority
GlobalAddAtomA
GetCurrentProcessId
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
ActivateActCtx
LoadLibraryA
DeactivateActCtx
SetLastError
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
FreeLibrary
CreateThread
GetTempPathA
CreateToolhelp32Snapshot
Process32Next
TerminateThread
user32
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetNextDlgGroupItem
CopyImage
GetIconInfo
HideCaret
InvertRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
SetClassLongA
DestroyAcceleratorTable
SetParent
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
RedrawWindow
GetSystemMenu
LoadMenuW
OffsetRect
IntersectRect
UnregisterClassA
DestroyMenu
GetMenuItemInfoA
InflateRect
DestroyIcon
WaitMessage
WindowFromPoint
SetCapture
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
RealChildWindowFromPoint
GetKeyNameTextA
InvalidateRect
DrawStateA
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
FillRect
CharUpperA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
LoadImageW
CheckDlgButton
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
RegisterClipboardFormatA
FrameRect
CopyIcon
CharUpperBuffA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindow
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetWindowRgn
MapDialogRect
DestroyCursor
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
GetUpdateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
IsIconic
DrawIcon
FindWindowExA
LoadIconW
GetSystemMetrics
FindWindowA
EndPaint
SetCursor
SetWindowRgn
SetTimer
KillTimer
DrawTextA
DrawIconEx
LoadBitmapA
GetParent
TrackMouseEvent
GetClientRect
SendMessageA
BeginPaint
PtInRect
GetDC
ReleaseDC
GetSysColorBrush
IsWindow
PostMessageA
SystemParametersInfoA
ReleaseCapture
IsWindowVisible
UpdateWindow
EnableWindow
LoadCursorA
MessageBoxA
MapVirtualKeyA
gdi32
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetTextExtentPoint32A
SetRectRgn
CombineRgn
DPtoLP
CreateDIBSection
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
SetPixel
Rectangle
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceA
SetPixelV
GetLayout
SetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
SetBkColor
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
BitBlt
SetTextColor
DeleteDC
StretchBlt
CreateFontIndirectA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateRoundRectRgn
GetStockObject
GetObjectA
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegCloseKey
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CryptHashData
CryptDestroyHash
shell32
ShellExecuteA
SHGetFolderPathA
SHAppBarMessage
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteExA
Shell_NotifyIconA
SHGetFileInfoA
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
OleDuplicateData
CoTaskMemFree
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
ReleaseStgMedium
CoTaskMemAlloc
oleaut32
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantChangeType
SysAllocString
SysAllocStringLen
SysFreeString
VariantClear
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
psapi
GetModuleFileNameExA
EnumProcessModules
EnumProcesses
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 265KB - Virtual size: 265KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 165KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ