CascView[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

CascView.exe
Size

1.9MB
MD5

bc514d3e467f5ef7f0cac63aeff07b4c
SHA1

0c567ab22070f9dc59a1cd7c63eecd88cd6e21ef
SHA256

9b3dc597c75ea3bfd2d124f5d9ba20092469adad7a141c0f2a919980f9850503
SHA512

b8eee6d038e793a0a1fa4e527e9b1844bcb86cfadc98cd4fb7accc9cfc73590434e4167b32d2910f0fd51ba27a92e249e97903892a23404fccffb9ada6046760
SSDEEP

24576:6NO2k/wnBNt/WyyKf9Ja35zjtmzxCe+7lqH0TErhYs1ec2Lkhs:L2k/wDIJKfg5szxt6lqH0TGNh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CascView.exe

Files

CascView.exe
.exe windows:6 windows x64 arch:x64

469fce02e0d98b43cad23a599c59a31e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

CascView.pdb

Imports

kernel32

FindClose
FindNextFileW
FindFirstFileW
SetFilePointer
FreeResource
IsBadReadPtr
DeleteFileW
WriteFile
GetCurrentThreadId
WriteConsoleW
SetFilePointerEx
GetStringTypeW
SetStdHandle
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
ReleaseMutex
GetDateFormatW
SetConsoleCtrlHandler
GetFileType
GetStdHandle
GetModuleHandleExW
GetFileAttributesExW
GetCommandLineW
GetCommandLineA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FileTimeToSystemTime
EnumResourceNamesW
LoadLibraryExW
GetVersionExW
GetLocalTime
GetSystemTimeAsFileTime
OpenProcess
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetTempPathW
FileTimeToLocalFileTime
FreeLibrary
IsDebuggerPresent
SearchPathW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetEnvironmentVariableW
CreateDirectoryW
GetFileTime
MapViewOfFile
CreateFileMappingW
MoveFileExW
UnmapViewOfFile
SetEndOfFile
WaitForSingleObject
CreateMutexW
HeapSize
HeapDestroy
GetProcessHeap
CompareStringW
SetLastError
HeapReAlloc
GetTickCount
GlobalReAlloc
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
FormatMessageW
MulDiv
GetDiskFreeSpaceExW
ExpandEnvironmentStringsW
SetThreadPriority
WideCharToMultiByte
GlobalFree
ReadFile
HeapAlloc
GetFileSize
CreateFileW
LeaveCriticalSection
EnterCriticalSection
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
LockResource
LoadResource
SizeofResource
FindResourceW
HeapFree
CloseHandle
GetFullPathNameW
CreateThread
MultiByteToWideChar
GetFileAttributesW
GetLocaleInfoW
SetEnvironmentVariableW
GetModuleFileNameW
RemoveDirectoryW
GetTimeFormatW

user32

GetDlgItemTextW
LoadStringW
SetDlgItemTextW
SendMessageW
CallWindowProcW
SetMenu
GetComboBoxInfo
PostQuitMessage
GetWindowPlacement
EnableMenuItem
SetScrollPos
GetParent
SetWindowLongPtrW
GetDlgItem
GetFocus
IsChild
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
PtInRect
AdjustWindowRectEx
CharUpperA
CharLowerA
DestroyIcon
DrawIconEx
SetRect
GetIconInfo
GetWindowTextW
MessageBeep
EndDialog
CheckDlgButton
IsDlgButtonChecked
SetWindowTextW
GetAsyncKeyState
ShowWindow
SetTimer
GetWindowLongPtrW
PostMessageW
GetClientRect
GetSystemMetrics
LoadImageW
GetWindowLongW
GetWindowRect
SetWindowLongW
CreateCursor
MessageBoxW
SendDlgItemMessageA
FillRect
DrawTextExW
GetSystemMenu
DialogBoxIndirectParamW
SetWindowPos
IsWindowVisible
SetFocus
InvalidateRect
KillTimer
GetClassNameW
SetWindowTextA
EnableWindow
GetWindowTextA
GetWindowTextLengthW
CharUpperBuffA
IsWindow
DrawFrameControl
AppendMenuW
DeleteMenu
SetMenuItemInfoW
GetMenuItemInfoW
WindowFromPoint
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetSysColor
CreateWindowExW
CreateDialogParamW
DialogBoxParamW
IsDialogMessageW
TranslateAcceleratorW
LoadAcceleratorsW
LoadIconW
RegisterClassExW
LoadCursorW
GetClassInfoExW
DefWindowProcW
IntersectRect
EndPaint
BeginPaint
SetCursor
ScreenToClient
GetCursorPos
SetCapture
ReleaseCapture
SystemParametersInfoW
UpdateWindow
GetScrollInfo
TabbedTextOutW
ShowCaret
SetCaretPos
GetTabbedTextExtentW
CreateCaret
SetScrollInfo
DestroyCaret
HideCaret
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
DestroyMenu
TrackPopupMenu
SetForegroundWindow
GetSubMenu
GetMenuStringW
GetMenuItemCount
LoadMenuW
ClientToScreen
IsWindowEnabled
ReleaseDC
GetDC
DestroyWindow
GetWindow
GetTopWindow
LoadStringA
IsCharLowerW
IsCharUpperW
DispatchMessageW
TranslateMessage
GetMessageW

gdi32

GetTextMetricsW
GetFontLanguageInfo
DeleteObject
DeleteDC
CreateCompatibleDC
SelectObject
StretchDIBits
GetTextExtentPoint32W
GetWindowOrgEx
RestoreDC
SaveDC
SetWindowOrgEx
TextOutW
CreateFontIndirectW
GetDeviceCaps
GetObjectW
SetTextColor
ExtTextOutW
SetBkColor
GetStockObject
SetBkMode
SetTextAlign
BitBlt
SetDIBits
GetDIBits
CreateDIBSection
GetDIBColorTable
CreateBitmapIndirect
SetDIBitsToDevice
CreateDIBPatternBrushPt
Rectangle
StretchBlt
CreateCompatibleBitmap

comdlg32

ChooseFontW
GetSaveFileNameW
GetOpenFileNameW

advapi32

OpenThreadToken
AccessCheck
AddAccessAllowedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
DuplicateToken
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
IsValidSecurityDescriptor
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
LookupAccountSidW
LookupPrivilegeValueW
LogonUserW
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExA

shell32

SHGetPathFromIDListW
DragQueryFileW
SHGetFileInfoW
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetMalloc
ShellExecuteW
SHBrowseForFolderW

ole32

RevokeDragDrop
CoCreateInstance
OleInitialize
PropVariantClear
CoTaskMemAlloc
ReleaseStgMedium
CreateStreamOnHGlobal
RegisterDragDrop
DoDragDrop

oleaut32

SafeArrayDestroy
SafeArrayRedim
SafeArrayPutElement
SafeArrayCreateVector
SafeArrayCopy

urlmon

URLDownloadToFileW

comctl32

ImageList_Add
ImageList_DrawIndirect
ImageList_Destroy
ImageList_SetBkColor
ImageList_Create
ImageList_AddMasked
ImageList_GetIcon
ImageList_ReplaceIcon
InitCommonControlsEx
ord8
CreatePropertySheetPageW
PropertySheetW

wininet

InternetCloseHandle
InternetOpenUrlW
InternetOpenW
InternetCheckConnectionW
InternetReadFile

gdiplus

GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipGetDpiX
GdipGetDpiY
GdipCreateBitmapFromStream
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipDrawImageI
GdipDeleteGraphics
GdiplusStartup
GdiplusShutdown
GdipBitmapSetResolution
GdipCreateBitmapFromStreamICM

ws2_32

WSAStartup
connect
socket
send
getaddrinfo
WSAGetLastError
recv
closesocket

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 505KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

469fce02e0d98b43cad23a599c59a31e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

urlmon

comctl32

wininet

gdiplus

ws2_32

version

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 250KB - Virtual size: 249KB

.data Size: 34KB - Virtual size: 45KB

.pdata Size: 66KB - Virtual size: 65KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 505KB - Virtual size: 504KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 250KB - Virtual size: 249KB

.data
Size: 34KB - Virtual size: 45KB

.pdata
Size: 66KB - Virtual size: 65KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 505KB - Virtual size: 504KB

.reloc
Size: 4KB - Virtual size: 4KB