HPUSBFW[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HPUSBFW.exe
Size

96KB
MD5

b64fa9c8bd4c8a0779a284e7ce3f9fbd
SHA1

c86c79e09470099f7d6d1de84cc245d85ba87eee
SHA256

3e45ac9be17f6ede738730013e419e2da1c73070e4bfaa6bee952d2019b448ce
SHA512

6dcf46bab30773a01bc051c004c99d59ae3f1f13925494e5d4d3ef9b5777b47a6ab5980391c2e2ccf1754e34102eec8463d2194d27affa5da33a564028be7321
SSDEEP

1536:i0v2/81VWycatxB/UAoKtZFQhXWP27oE9svIonz+Ii+Zl2owHlf:iyRL9FEqp+Ii+Zlv6lf

Score

N/A

Malware Config

Signatures

Files

HPUSBFW.exe
.exe windows x86

3b38bb7b84f12c096170d6f2115d3fd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

CreateFileW
GetDriveTypeW
GetLogicalDriveStringsW
ReadFile
SetFilePointerEx
WriteFile
FindClose
FindFirstFileW
GetTickCount
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
GetFileAttributesW
GetFullPathNameW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetVolumeInformationW
SetFileTime
GetFileSize
GetFileTime
SetFileAttributesW
GetLastError
CopyFileW
LockResource
LoadResource
FindResourceW
SetVolumeMountPointW
GetVolumeNameForVolumeMountPointW
DefineDosDeviceW
GetLogicalDrives
Sleep
CreateThread
GetCommandLineW
FlushFileBuffers
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetStdHandle
GetOEMCP
GetACP
LoadLibraryA
InterlockedExchange
GetStringTypeW
GetStringTypeA
GetCPInfo
GetLocaleInfoA
IsBadCodePtr
HeapSize
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
DeviceIoControl
CloseHandle
FormatMessageW
LocalFree
OutputDebugStringW
FindNextFileW
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
VirtualProtect
GetSystemInfo
VirtualQuery
ExitProcess
TerminateProcess
GetStdHandle
GetModuleFileNameA

user32

wsprintfW
EndDialog
GetWindowTextW
GetWindowRect
SystemParametersInfoW
GetSystemMenu
AppendMenuW
GetDlgItem
MoveWindow
SetFocus
SetWindowTextW
EnableWindow
SendMessageW
LoadStringW
MessageBoxW
FindWindowW
SetForegroundWindow
DialogBoxParamW
PostMessageW

advapi32

FreeSid
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc

ole32

CoInitializeEx
CoUninitialize

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b38bb7b84f12c096170d6f2115d3fd2

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 14KB

.SharedD Size: 4KB - Virtual size: 4B

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 14KB

.SharedD
Size: 4KB - Virtual size: 4B

.rsrc
Size: 16KB - Virtual size: 14KB