Static task: static1
Behavioral task: behavioral1
Sample: HorionInjector (1).exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: HorionInjector (1).exe
Resource: win10v2004-20221111-en
General
Target: HorionInjector (1).exe
Size: 4.2MB
MD5: 9d84f0ac49bdf75fb9f387642c7f94ed
SHA1: 0a16154ea5e30d52ab4997453f08480b22fa4eb1
SHA256: 291229f5b2a9923bdd233be413bf40d65b2a56d57f520c307cdf1073017697c1
SHA512: 66f48eb8f5240d86c044bbc5e583ead561c157a8a2b8cc31d73f1b675210c3b947266e963ff59d014e23ca7f4b281a72c6579eb96eb8b0c0563e9c97a13644b2
SSDEEP: 49152:EgR3ZfEr6+yKahhka0E3BPxrGgtEnPk9erMD83eAMB8nsbOqzHb8xrxD/:rnKahhkpEA4IOAaID/
Malware Config
Signatures
Files
HorionInjector (1).exe.exe windows x64
MD5: 5e21a8f03716e3b06f0b5e45ee955d8b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
QueryPerformanceFrequency
GetDriveTypeW
GetLogicalDriveStringsW
GetFileSize
CreateFileA
Sleep
MultiByteToWideChar
WriteFile
ReadFile
CreateDirectoryW
VirtualFreeEx
CreateRemoteThread
GetModuleHandleW
LocalFree
VirtualAllocEx
GetProcAddress
CloseHandle
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
WaitForSingleObject
WriteProcessMemory
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
GetFileInformationByHandleEx
AreFileApisANSI
GetFileAttributesExW
GetLocaleInfoEx
FormatMessageA
GlobalFree
GlobalHandle
GlobalSize
GlobalLock
GlobalUnlock
GlobalAlloc
SetLastError
MulDiv
ReadConsoleOutputCharacterA
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
WriteConsoleW
WriteConsoleA
AttachConsole
FreeConsole
GetStdHandle
ExpandEnvironmentStringsW
IsBadStringPtrA
IsBadReadPtr
CopyFileW
GetFileType
SetCurrentDirectoryW
WaitForMultipleObjects
CreateEventW
SetEvent
LoadLibraryW
FreeLibrary
GetCommandLineW
GetACP
RtlCaptureContext
GetTempPathW
GetTempFileNameW
GetLongPathNameW
GetFileAttributesW
FindFirstFileW
FindClose
CreateFileW
GetCPInfo
IsValidCodePage
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
GetNativeSystemInfo
GetVersionExW
TerminateProcess
GetCurrentProcessId
IsDebuggerPresent
GetEnvironmentVariableW
OutputDebugStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetCurrentThread
ExitProcess
GetCurrentProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FormatMessageW
GetLastError
WideCharToMultiByte
SetErrorMode
user32
DestroyIcon
IsRectEmpty
ValidateRgn
GetCaretBlinkTime
GetDoubleClickTime
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
DestroyCursor
DrawIconEx
ValidateRect
GetMessageW
GetClassNameW
MessageBeep
GetWindowTextLengthW
GetWindowTextW
SetWindowRgn
OffsetRect
wsprintfW
IsClipboardFormatAvailable
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
MonitorFromPoint
EnumDisplaySettingsW
ChangeDisplaySettingsExW
GetClipboardFormatNameW
RegisterClipboardFormatW
CheckMenuRadioItem
GetSysColorBrush
GetMenuItemID
CheckMenuItem
DrawFrameControl
DrawEdge
FindWindowExW
ChildWindowFromPoint
HideCaret
keybd_event
IsMenu
GetComboBoxInfo
GetDesktopWindow
UnionRect
EndPaint
BeginPaint
GetWindowDC
SetMenuItemInfoW
InsertMenuItemW
SetMenuInfo
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
GetSubMenu
DestroyMenu
CopyRect
SetRectEmpty
SetRect
DrawStateW
CreateIconIndirect
DrawFocusRect
DrawTextW
GetDlgItem
CreateDialogParamW
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
IsDialogMessageW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
SetParent
GetParent
GetWindowLongW
PtInRect
InflateRect
CreatePopupMenu
MessageBoxW
VkKeyScanW
CreateMenu
PostThreadMessageW
PostMessageW
RegisterClassW
CreateWindowExW
BringWindowToTop
PeekMessageW
SendMessageW
DefWindowProcW
UnregisterClassW
DestroyWindow
DispatchMessageW
MsgWaitForMultipleObjects
SetTimer
KillTimer
SetCursor
LoadCursorW
DdeInitializeW
DdeUninitialize
DdeConnect
DdeDisconnect
DdePostAdvise
DdeNameService
DdeClientTransaction
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeGetLastError
DdeCreateStringHandleW
DdeQueryStringW
DdeFreeStringHandle
GetKeyState
GetProcessDefaultLayout
LoadBitmapW
LoadIconW
LoadImageW
GetIconInfo
ShowWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
IsIconic
IsZoomed
CreateDialogIndirectParamW
GetDialogBaseUnits
DrawMenuBar
GetSystemMenu
EnableMenuItem
SetForegroundWindow
SetWindowTextW
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
RegisterWindowMessageW
SetMenu
GetWindowRect
TranslateMessage
RegisterHotKey
UnregisterHotKey
GetMessagePos
GetMessageTime
PostQuitMessage
CallWindowProcW
IsWindow
AnimateWindow
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
SetFocus
GetActiveWindow
GetFocus
GetAsyncKeyState
FillRect
MapVirtualKeyW
GetCapture
SetCapture
ReleaseCapture
EnableWindow
IsWindowEnabled
GetSystemMetrics
GetMenuItemCount
TrackPopupMenu
GetMenuItemInfoW
UpdateWindow
GetDC
ReleaseDC
GetUpdateRgn
InvalidateRect
RedrawWindow
ScrollWindow
EnableScrollBar
GetClientRect
SetCursorPos
GetCursorPos
ClientToScreen
ScreenToClient
MapWindowPoints
WindowFromPoint
ChildWindowFromPointEx
GetSysColor
GetMenuState
advapi32
RegEnumValueW
RegGetValueA
RegOpenKeyExW
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetUserNameW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegSetValueExW
RegQueryValueExW
ConvertStringSidToSidW
comctl32
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_Destroy
ImageList_GetImageCount
ImageList_Add
ImageList_SetBkColor
ImageList_Draw
ImageList_Replace
ImageList_Create
ord17
ord16
rpcrt4
UuidToStringW
RpcStringFreeW
oleacc
LresultFromObject
uxtheme
OpenThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
IsThemeBackgroundPartiallyTransparent
GetThemeColor
DrawThemeParentBackground
GetThemeMargins
IsThemeActive
IsAppThemed
GetThemeFont
GetThemePartSize
GetThemeInt
GetThemeSysColor
GetThemeSysFont
SetWindowTheme
IsThemePartDefined
GetThemeBackgroundExtent
GetCurrentThemeName
CloseThemeData
msvcp140
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
??Bid@locale@std@@QEAA_KXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_join
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
urlmon
URLDownloadToFileW
shlwapi
SHAutoComplete
msimg32
GradientFill
AlphaBlend
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__current_exception
__current_exception_context
longjmp
memcmp
strstr
wcschr
strchr
__C_specific_handler
_set_se_translator
memset
memmove
memcpy
_CxxThrowException
wcsstr
__RTtypeid
_purecall
__std_type_info_compare
__std_terminate
__std_exception_destroy
__std_exception_copy
__intrinsic_setjmp
memchr
api-ms-win-crt-heap-l1-1-0
realloc
free
_callnewh
_set_new_mode
malloc
calloc
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
_initialize_narrow_environment
_beginthreadex
_initialize_onexit_table
_errno
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
system
_get_narrow_winmain_command_line
_initterm
abort
_initterm_e
_exit
_c_exit
_register_thread_local_exe_atexit_callback
exit
_invalid_parameter_noinfo_noreturn
terminate
api-ms-win-crt-string-l1-1-0
towlower
iswxdigit
_strdup
_wcsicmp
iswprint
towupper
wcsncpy
iswspace
iswalnum
iswdigit
iswalpha
toupper
strcmp
strncmp
isspace
_stricmp
strncpy
wcspbrk
tolower
api-ms-win-crt-convert-l1-1-0
strtoll
strtol
wcstombs_s
atof
_wcstoui64
_wcstoi64
_wtol
wcstoul
wcstol
_wcstod_l
wcstod
_wtoi
api-ms-win-crt-stdio-l1-1-0
clearerr
fgetpos
_fileno
setvbuf
_telli64
_get_osfhandle
__p__commode
ungetc
fsetpos
fread
_fseeki64
_set_fmode
_get_stream_buffer_pointers
__stdio_common_vfprintf
feof
ferror
__acrt_iob_func
_ftelli64
_lseeki64
_write
_read
fputc
__stdio_common_vswscanf
_open_osfhandle
__stdio_common_vsscanf
_wsopen_dispatch
_close
__stdio_common_vfwprintf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
fflush
_wfopen
__stdio_common_vsprintf
fwrite
fclose
fgetc
api-ms-win-crt-environment-l1-1-0
getenv_s
_wgetenv
_wgetcwd
getenv
api-ms-win-crt-filesystem-l1-1-0
_wrename
_lock_file
_unlock_file
_wremove
api-ms-win-crt-time-l1-1-0
_gmtime64
_localtime64
_mktime64
_time64
_get_timezone
wcsftime
_tzset
api-ms-win-crt-locale-l1-1-0
_free_locale
_create_locale
___lc_codepage_func
_configthreadlocale
setlocale
api-ms-win-crt-utility-l1-1-0
qsort
bsearch
api-ms-win-crt-math-l1-1-0
lround
lroundf
cos
sin
sqrt
ceil
floor
atan2
fmod
__setusermatherr
acosf
atan2f
ceilf
cosf
floorf
_fdopen
fmodf
pow
sinf
sqrtf
tanf
gdi32
GetOutlineTextMetricsW
CreateFontIndirectW
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmapIndirect
CreateBitmap
BitBlt
SetTextColor
SetBkMode
SetBkColor
GdiFlush
SetBrushOrgEx
GetTextMetricsW
SelectPalette
SelectObject
CreateSolidBrush
RealizePalette
GetDeviceCaps
ExcludeClipRect
CreateRectRgn
GetObjectW
GetCharABCWidthsW
GetGraphicsMode
EndPage
StartPage
EndDoc
StartDocW
SetAbortProc
EnumFontFamiliesExW
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
SetViewportOrgEx
GetSystemPaletteEntries
CreateDCW
CreateICW
GetTextExtentExPointW
DeleteObject
CreateRectRgnIndirect
ExtCreatePen
CreatePen
SetDIBColorTable
GetDIBColorTable
CreateDIBSection
GetDIBits
CreateDIBitmap
CreatePatternBrush
CreateHatchBrush
GetTextExtentPoint32W
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
RectInRegion
PtInRegion
GetRgnBox
EqualRgn
CombineRgn
SetWindowOrgEx
SetWindowExtEx
SetViewportExtEx
PolyBezier
Polyline
Polygon
LPtoDP
DPtoLP
CreatePolygonRgn
ModifyWorldTransform
SetWorldTransform
GetWorldTransform
SetStretchBltMode
SetROP2
StretchDIBits
StretchBlt
SetPolyFillMode
SetPixel
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
ExtSelectClipRgn
SelectClipRgn
RoundRect
Rectangle
PolyPolygon
Pie
MaskBlt
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExtFloodFill
Ellipse
Arc
ExtTextOutW
MoveToEx
LineTo
GetBkColor
OffsetRgn
GetRegionData
ExtCreateRegion
GetWindowExtEx
GetViewportExtEx
winspool.drv
GetPrinterW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
comdlg32
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PageSetupDlgW
ChooseFontW
shell32
ord6
SHGetFileInfoW
DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconExW
ExtractIconW
SHGetFolderPathW
CommandLineToArgvW
DragQueryPoint
ole32
CoTaskMemAlloc
OleSetClipboard
RevokeDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CoCreateInstance
CoTaskMemFree
RegisterDragDrop
OleGetClipboard
OleUninitialize
CoLockObjectExternal
OleInitialize
ReleaseStgMedium
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 65KB - Virtual size: 247KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ