HtComGui[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

HtComGui.exe
Size

2.1MB
MD5

080db34931c3433a5fdc34b04e50cdc0
SHA1

568bcedca58ca71f46fcb854bac9e32b19a34183
SHA256

f103c1d72d5664817403f782676f91c0e86b324e477b3f5ff4d0d036db0857b6
SHA512

c64995c7072742df57bddafb347ae75244ef95c0bcb2c3024bae91a85db3f8ef435067443d43746f76ff96cd010d9b641f188c52a51598c18bb69a231ada62cb
SSDEEP

49152:HpQ6lSsTjQJ+kj1xaLCjyjw3FPLsX/8DkDa8Hj4:Hi6m+kj1xaOjmmPlDkDy

Score

1^/10

Malware Config

Signatures

Files

HtComGui.exe
.exe windows x86

716e19e8e2b34dd2bbd580977a7ba742

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:d2:b1:cb:db:87:fd:98:a3:a0:11:b0:22:44:e6:dd
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

13/08/2021, 00:00

Not After

12/08/2024, 23:59

Subject

CN=Help Tech GmbH,O=Help Tech GmbH,ST=Baden-Württemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a7:4e:0c:e6:4e:92:49:5e:c4:31:e9:a0:42:cf:6a:08:9e:4f:53:2f
Signer

Actual PE Digest

a7:4e:0c:e6:4e:92:49:5e:c4:31:e9:a0:42:cf:6a:08:9e:4f:53:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Create
ord17

wininet

InternetOpenW
InternetCloseHandle
InternetConnectW
InternetReadFile
HttpOpenRequestW
HttpSendRequestW

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

hid

HidD_SetNumInputBuffers
HidD_SetOutputReport
HidP_GetCaps
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FlushQueue

kernel32

IsValidLocale
SetConsoleCtrlHandler
GetFileSize
ReadFile
SetFilePointer
WriteFile
CloseHandle
GetLastError
SetLastError
LocalFree
GetTickCount
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
Sleep
FindClose
WaitForSingleObject
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetCommandLineW
LoadLibraryA
GetUserDefaultLangID
LoadResource
LockResource
EnumResourceLanguagesW
GetSystemTime
GetLocalTime
GetOverlappedResult
CancelIo
SetEvent
ResetEvent
WaitForMultipleObjects
ClearCommError
GetCommState
GetCommTimeouts
PurgeComm
SetStdHandle
SetCommTimeouts
FreeLibrary
GetFileTime
LocalFileTimeToFileTime
SetFileTime
DosDateTimeToFileTime
SystemTimeToFileTime
GetModuleHandleA
CompareStringA
HeapReAlloc
GetCurrentThread
HeapAlloc
HeapFree
GetConsoleMode
SetFilePointerEx
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
GetModuleHandleExW
GetFileType
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RaiseException
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CompareStringEx
GetLocaleInfoEx
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
FormatMessageA
HeapSize
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
InitializeSListHead
GetConsoleOutputCP
GetFileSizeEx
SetEndOfFile
FlushFileBuffers
GetUserDefaultLCID
FindFirstFileExW
GetACP
GetOEMCP
GetCommandLineA
GetProcessHeap
GetTimeZoneInformation
SetCommState

user32

ReleaseDC
InvalidateRect
AdjustWindowRect
GetScrollInfo
GetDC
UpdateWindow
SetScrollInfo
SetTimer
GetParent
ClientToScreen
GetWindowRect
TrackPopupMenuEx
TrackPopupMenu
GetSubMenu
DestroyMenu
CreatePopupMenu
GetSystemMetrics
ScreenToClient
MapDialogRect
GetDialogBaseUnits
GetCursorPos
SetCursor
SetCursorPos
MessageBeep
GetForegroundWindow
EnumChildWindows
GetMenu
GetWindowPlacement
DestroyWindow
PostQuitMessage
ReplyMessage
EnumWindows
FlashWindow
TranslateMessage
GetClientRect
SetWindowPos
IsWindow
ShowWindow
SetForegroundWindow
GetKeyState
GetFocus
SetFocus
GetDlgItem
EndDialog
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MoveWindow
EnableMenuItem

gdi32

LPtoDP
SetTextColor
CreateSolidBrush
SetBkColor
DeleteObject
SetBkMode
SelectObject

comdlg32

CommDlgExtendedError

advapi32

RegCloseKey

shell32

SHGetMalloc
ord165

ole32

CoCreateInstance
CoInitialize
CoCreateGuid
CoInitializeEx
CoUninitialize

shlwapi

PathAppendW
PathCombineW

Sections

.text
Size: 919KB - Virtual size: 918KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 953KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

716e19e8e2b34dd2bbd580977a7ba742

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

97:d2:b1:cb:db:87:fd:98:a3:a0:11:b0:22:44:e6:ddCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

a7:4e:0c:e6:4e:92:49:5e:c4:31:e9:a0:42:cf:6a:08:9e:4f:53:2fSigner

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

wininet

setupapi

hid

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 919KB - Virtual size: 918KB

.rdata Size: 235KB - Virtual size: 235KB

.data Size: 20KB - Virtual size: 26KB

.rsrc Size: 953KB - Virtual size: 952KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

97:d2:b1:cb:db:87:fd:98:a3:a0:11:b0:22:44:e6:dd
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

a7:4e:0c:e6:4e:92:49:5e:c4:31:e9:a0:42:cf:6a:08:9e:4f:53:2f
Signer

.text
Size: 919KB - Virtual size: 918KB

.rdata
Size: 235KB - Virtual size: 235KB

.data
Size: 20KB - Virtual size: 26KB

.rsrc
Size: 953KB - Virtual size: 952KB