caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc

Sharing

Copy URL

Twitter E-mail

General

Target

caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc
Size

1.7MB
MD5

2dcf1f91fefdb56f5e52ff08ef87f892
SHA1

cb023705f10d1dc2ea8e8bd6098c3fb5c221ffd5
SHA256

caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc
SHA512

f08056d570a34ee444c6e04d0d8a72113476397a98d41b9a9e27aefdaa5f3b2d891f574c327054b166ec2f2d4b700d7441b2c0ed3864a416dc40e8046618c860
SSDEEP

24576:NXBA8669k5kxJjl9hqlGV77JH6q/eC8C1QDpMOeTS8z1HCICgqwfN/V:FBA86ck5kxptE4Nz8eTDz1iIhNd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc

Files

caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc
.exe windows:5 windows x86 arch:x86

7a201f825f0764c8118a28ca7bec736d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Jenkins\workspace\FE12.1_Fnet_plugin_git\Starship\fxnet_release_v11\plugin_fxnet\FoxitDocCloudUninst\Release\FoxitDocCloudUninst.pdb

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetVersionExA
GetVersionExW
GetTickCount
MulDiv
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
FlushInstructionCache
GetFullPathNameW
FindResourceW
SizeofResource
LoadResource
SetLastError
LockResource
FreeResource
Sleep
HeapSize
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
MoveFileExW
FlushFileBuffers
GetProcessHeap
GetTimeZoneInformation
DecodePointer
SetStdHandle
GetStringTypeW
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
HeapReAlloc
GetCurrentThreadId
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
CreateFileW
GetFileType
GetACP
WriteFile
ExitThread
ReadFile
GetModuleHandleExW
ExitProcess
GetFileAttributesExW
GetTempPathW
RaiseException
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
VirtualFree
VirtualProtect
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
EncodePointer
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
OutputDebugStringA
WideCharToMultiByte
GetModuleFileNameW
CreateMutexW
SetCurrentDirectoryA
CopyFileA
GetModuleFileNameA
GetTempPathA
GetModuleHandleW
FreeLibrary
GetCurrentProcess
GetProcAddress
LoadLibraryW
MultiByteToWideChar
GlobalFree
GlobalAlloc
OutputDebugStringW
GetCurrentDirectoryW
GetLocalTime
InterlockedIncrement
InterlockedDecrement
TerminateProcess
OpenProcess
FindNextFileW
GetLastError
DeleteFileW
RemoveDirectoryW
SetCurrentDirectoryW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
ResetEvent
SetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
CreateDirectoryA
GetModuleHandleExA
GetStdHandle
WaitForSingleObject
ReleaseSemaphore
lstrlenA
GetCurrentProcessId
GlobalUnlock
GlobalLock
LocalFree
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
TryEnterCriticalSection
GetCurrentThread
VirtualAlloc
FindClose
EnumSystemLocalesW
FindFirstFileW
WaitForSingleObjectEx
DuplicateHandle
CloseHandle

user32

DestroyWindow
SetWindowPos
AttachThreadInput
GetForegroundWindow
MessageBoxW
IsWindow
LoadBitmapW
LoadCursorW
CreateIconFromResource
ReleaseDC
DestroyCursor
TrackMouseEvent
PostQuitMessage
AnimateWindow
SetLayeredWindowAttributes
IsIconic
IsZoomed
SetFocus
GetCapture
SetCapture
ReleaseCapture
DrawIconEx
SetForegroundWindow
GetDC
MonitorFromRect
GetWindowRect
ShowWindow
SendMessageW
GetActiveWindow
InvertRect
FillRect
SetTimer
KillTimer
UpdateWindow
BeginPaint
EndPaint
InvalidateRect
PostMessageW
GetWindowThreadProcessId
FindWindowW
LoadImageW
SetWindowTextW
MsgWaitForMultipleObjects
SetMenuContextHelpId
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
AppendMenuW
GetMenuItemCount
DestroyMenu
CreatePopupMenu
IsMenu
UpdateLayeredWindow
MapVirtualKeyA
CharLowerBuffW
SystemParametersInfoA
DrawTextW
IsWindowVisible
GetSystemMetrics
GetSysColor
EnableMenuItem
ClientToScreen
LoadIconW
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
EnableWindow
GetKeyState
GetFocus
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
EqualRect
SetRect
GetIconInfo
PtInRect
OffsetRect
SetCursor
CharNextW
GetWindow
MapWindowPoints
GetDlgItem
CreateWindowExW
RegisterClassExW
UnregisterClassW
CallWindowProcW
DefWindowProcW
GetMonitorInfoW
MonitorFromWindow
DestroyIcon
GetClassNameW
GetParent
SetWindowLongW
GetWindowLongW
IsRectEmpty
UnionRect
IntersectRect
InflateRect
CopyRect
ScreenToClient
SetCaretPos
HideCaret
GetCaretBlinkTime
CreateCaret
GetCursorPos
GetClientRect

gdi32

ExtCreatePen
SetWorldTransform
Polyline
GetCurrentObject
SetViewportOrgEx
CreateCompatibleBitmap
StretchBlt
GetObjectW
SetBkMode
Rectangle
GetStockObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SetGraphicsMode
SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
CreateRoundRectRgn
EnumFontsW
DeleteObject
BitBlt
GetDeviceCaps
CreateDIBSection
Arc
CombineRgn
CreateEllipticRgnIndirect
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
Ellipse
ExcludeClipRect
GetClipRgn
GetRgnBox
GetTextColor
GetTextExtentPoint32W
IntersectClipRect
OffsetRgn
Pie
PtInRegion
RectInRegion
RestoreDC
RoundRect
SaveDC
ExtSelectClipRgn
SetRectRgn
SetROP2
SetTextColor
GetWorldTransform
GetViewportOrgEx

advapi32

RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegDeleteKeyExW
RegOpenKeyExA

shell32

ShellExecuteA
ShellExecuteW
SHGetSpecialFolderPathW

ole32

CLSIDFromString
CreateBindCtx
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromProgID
OleLockRunning
OleUninitialize
OleInitialize

oleaut32

SysFreeString
SysAllocString

shlwapi

PathIsDirectoryA
StrToIntExW
PathFileExistsW

wininet

InternetSetOptionW
InternetCloseHandle
HttpQueryInfoW
InternetReadFile
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetOpenW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

iphlpapi

GetAdaptersInfo

imm32

ImmReleaseContext
ImmAssociateContext
ImmGetContext

gdiplus

GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipAlloc
GdipFree
GdiplusStartup
GdipGetPropertyItemSize
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageRectI
GdipGraphicsClear
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetPropertyItem
GdiplusShutdown

msimg32

GradientFill
AlphaBlend

Sections

.text
Size: 904KB - Virtual size: 903KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 485KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a201f825f0764c8118a28ca7bec736d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

version

iphlpapi

imm32

gdiplus

msimg32

Sections

.text Size: 904KB - Virtual size: 903KB

.rdata Size: 261KB - Virtual size: 260KB

.data Size: 32KB - Virtual size: 101KB

.rsrc Size: 485KB - Virtual size: 485KB

.reloc Size: 68KB - Virtual size: 67KB

.text
Size: 904KB - Virtual size: 903KB

.rdata
Size: 261KB - Virtual size: 260KB

.data
Size: 32KB - Virtual size: 101KB

.rsrc
Size: 485KB - Virtual size: 485KB

.reloc
Size: 68KB - Virtual size: 67KB