HUPDATE[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HUPDATE.exe
Size

14.0MB
MD5

fd709b995fa4ce7e37705af03c56078c
SHA1

a01536885f266ac555ad6e85449da76503e2b523
SHA256

92bf22e7e02f766e698534a888445902c8d8157a72a2e485f3384aad089bb0ee
SHA512

93b72edcddb944d237843638d329ba1b0e7ab3e865d866396db16219c690068699d8c2fd9c0aa168ac369fd1ea8cbdea9242cc69f6de6a88d9b028241c8c2b8e
SSDEEP

196608:W0sc3Pcp3JuWv66waEXBKHKFdu9lYkwbm5Ulz2uqIfpZq4op/hbTUhtAik93h:/LYJuYEiKFdu9lEmWlz2sxZ36/hP9ik

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HUPDATE.exe

Files

HUPDATE.exe
.exe windows x86

815e255c3a958469a87df94e6445597c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
GetKeyboardState
SetMenuItemInfoW
TrackPopupMenuEx
MapVirtualKeyW
ToAscii
ToUnicode
GetKeyboardLayout
DestroyCaret
SetCaretPos
CreateCaret
HideCaret
TranslateMessage
GetKeyboardLayoutList
RegisterWindowMessageW
CreateCursor
CreateIconIndirect
SetCursorPos
DestroyCursor
GetDesktopWindow
CreateWindowExW
ValidateRgn
GetClientRect
GetWindowPlacement
SetWindowPlacement
GetWindowRect
IsWindowVisible
IsZoomed
SetParent
SetWindowRgn
MoveWindow
ShowWindow
SetWindowTextW
DestroyWindow
AdjustWindowRectEx
ScrollWindowEx
UpdateWindow
SetForegroundWindow
UnhookWindowsHookEx
DestroyIcon
GetClassInfoW
DrawIconEx
GetSysColorBrush
RegisterClassW
ClientToScreen
GetSystemMetrics
DefWindowProcW
GetWindowRgn
InvalidateRect
UnregisterClassW
GetCursorPos
SendMessageW
ClipCursor
IsIconic
GetUpdateRect
InvalidateRgn
BeginPaint
EndPaint
ScreenToClient
GetSysColor
SetCapture
GetDoubleClickTime
SetDoubleClickTime
SetCaretBlinkTime
PeekMessageW
PostMessageW
GetKeyState
ReleaseCapture
SetCursor
GetCaretBlinkTime
FlashWindowEx
MessageBeep
WindowFromPoint
GetParent
ReleaseDC
GetDC
GetWindowLongW
SetWindowLongW
GetActiveWindow
GetFocus
SetFocus
GetSystemMenu
EnableMenuItem
IsChild
SystemParametersInfoW
GetIconInfo
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
LoadIconW
GetClipboardFormatNameW
CharNextExA
SetTimer
KillTimer
GetQueueStatus
DispatchMessageW
LoadImageW
MsgWaitForMultipleObjectsEx
SetWindowPos

kernel32

SetFilePointer
SwitchToThread
FormatMessageA
QueryDosDeviceA
GetSystemInfo
GetLogicalDrives
GetDriveTypeA
CreateFileW
SetFileAttributesW
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
DefineDosDeviceA
CreateEventA
SetEvent
ReleaseSemaphore
OpenSemaphoreA
CreateSemaphoreA
SearchPathA
CreateMutexA
DeleteFiber
ConvertThreadToFiber
CreateFiberEx
ConvertFiberToThread
SwitchToFiber
TlsGetValue
TlsAlloc
TlsSetValue
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
FindNextFileA
FindFirstFileA
SetErrorMode
GetVersion
GetLocalTime
FindClose
GetFileSize
ReadFile
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
InterlockedCompareExchange
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetVersionExA
TerminateThread
SetThreadPriority
GetFileInformationByHandle
FlushFileBuffers
WriteFile
OpenProcess
GetProcessTimes
ResumeThread
TerminateProcess
GetCurrentThreadId
GetCurrentProcess
FileTimeToSystemTime
GetSystemTime
SystemTimeToFileTime
GetComputerNameW
WideCharToMultiByte
GetEnvironmentVariableA
LocalAlloc
CreateFileA
LocalFree
DeviceIoControl
OpenMutexA
GetModuleHandleA
OutputDebugStringA
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
WaitForMultipleObjects
GetCurrentProcessId
ReleaseMutex
CloseHandle
WaitForSingleObject
CreateMutexW
OpenMutexW
GetLastError
DuplicateHandle
SetEndOfFile
GetUserDefaultLangID
SetEnvironmentVariableA
CompareStringA
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
VirtualQuery
VirtualProtect
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
SetUnhandledExceptionFilter
SetLastError
GetCurrentDirectoryA
SetStdHandle
GetTimeZoneInformation
FileTimeToLocalFileTime
GetLocaleInfoW
GetModuleHandleW
ExpandEnvironmentStringsW
CreateProcessW
GetVolumeInformationW
IsValidLocale
IsValidLanguageGroup
GlobalUnlock
GlobalLock
GlobalAlloc
FindFirstFileW
LoadLibraryW
lstrcmpW
GlobalSize
GlobalFree
GetDriveTypeW
CreateEventW
PeekNamedPipe
ResetEvent
DisconnectNamedPipe
GetOverlappedResult
WaitNamedPipeW
ConnectNamedPipe
CreateNamedPipeW
CompareStringW
GetUserDefaultLCID
MultiByteToWideChar
GetCommandLineW
GetDateFormatW
GetTimeFormatW
GetModuleFileNameW
OutputDebugStringW
FormatMessageW
GetVersionExW
CreateSemaphoreW
GetFileType
SetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileAttributesExW
SetFilePointerEx
GetCurrentDirectoryW
GetFullPathNameW
DeleteFileW
CopyFileW
MoveFileW
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
GetTempPathW
GetFileTime
CreateFileMappingW
GetThreadPriority
GetCurrentThread
TlsFree
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindNextFileW
RtlUnwind
ExitProcess
RaiseException
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread

ws2_32

WSASocketW
setsockopt
select
__WSAFDIsSet
getpeername
getsockname
WSAConnect
bind
listen
WSARecvFrom
WSAAccept
WSARecv
WSAIoctl
htonl
WSANtohl
WSANtohs
WSAHtonl
WSAHtons
WSAGetLastError
getsockopt
WSAStartup
WSASendTo
WSACleanup
WSAAsyncSelect
inet_addr
gethostbyaddr
closesocket
WSASend
gethostbyname
ntohl

gdi32

GetDIBits
CreateDIBSection
CreateBitmap
DeleteDC
SelectObject
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetFontData
CreateFontIndirectW
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExW
GetOutlineTextMetricsW
ExtTextOutW
SetTextAlign
SetBkMode
SetTextColor
GetGlyphOutlineW
SetWorldTransform
SetGraphicsMode
GetTextExtentPoint32W
GetCharABCWidthsFloatW
GetCharABCWidthsW
GdiFlush
CreatePalette
GetPaletteEntries
CreateEllipticRgn
CreateRectRgn
GetRegionData
CombineRgn
OffsetRgn
GetDeviceCaps
PtInRegion
DeleteObject
SelectPalette
RealizePalette
SelectClipRgn
GetObjectW
GetStockObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteKeyW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
RegFlushKey
RegCreateKeyExW
OpenProcessToken
GetTokenInformation
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW

shell32

ShellExecuteW
SHGetFileInfoW

ole32

CoUninitialize
CoInitialize
CoGetMalloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleUninitialize
OleInitialize
CoCreateGuid
StringFromGUID2
OleGetClipboard
CoCreateInstance

oleaut32

VariantInit
SysAllocString
SysStringLen
SysFreeString
SysAllocStringByteLen

imm32

ImmGetContext
ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmGetDefaultIMEWnd

winmm

PlaySoundW

Sections

.text
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 665KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

815e255c3a958469a87df94e6445597c

Headers

File Characteristics

Imports

user32

kernel32

ws2_32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

imm32

winmm

Sections

.text Size: 5.7MB - Virtual size: 5.7MB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 228KB - Virtual size: 665KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 5.7MB - Virtual size: 5.7MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 228KB - Virtual size: 665KB

.rsrc
Size: 8KB - Virtual size: 5KB