Static task: static1
Behavioral task: behavioral1
Sample: himicu.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: himicu.exe
Resource: win10v2004-20230703-en
General
Target: himicu.exe
Size: 1.9MB
MD5: 8b7cddf963745b40a0a154cd63b1e456
SHA1: 78fe8033c7b060e19a86d9a0732e72ed675766bb
SHA256: 8f58f4f80d88f59f0a6eb54db8a49c1ada0375a31199113a114300871166cf65
SHA512: 76ea4cea5b791f563e9421839291b51bca1cae02f3ce376665eae424d5a7043a87fb0e0f7b0f9298c54e0729195cd3784ebc3529e4180b78197571f9b3560390
SSDEEP: 49152:YPSSgYNokAode/6Jl1a9bk+NdgzlFdSOcWbTAqHI+78nUkFmdNi4TBcP06FB:aIYNB1jJfa9bk+g5fSOcWbTAqHLBkEd2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource himicu.exe
Files
himicu.exe.exe windows x86
02016b1a3deb2552b85ed3f159dbc09a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
ActivateActCtx
DeactivateActCtx
SetLastError
Sleep
GetTempPathA
GetTickCount
GetVersion
GetLocaleInfoA
GlobalAddAtomA
GetModuleHandleA
SetErrorMode
DeleteFileA
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
GlobalSize
FindResourceA
LoadLibraryA
FreeLibrary
CreateEventA
GetProcAddress
ResetEvent
SetEvent
lstrcpyA
GlobalGetAtomNameA
MulDiv
lstrcmpA
CreateFileA
UnmapViewOfFile
CloseHandle
FindFirstFileA
FindClose
GetLastError
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
lstrcmpiA
OpenFile
GetUserDefaultLCID
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
WideCharToMultiByte
FindResourceW
GetDriveTypeW
ExpandEnvironmentStringsA
WaitForMultipleObjects
PeekNamedPipe
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
SetEnvironmentVariableA
GetProcessHeap
CreateFileW
WriteConsoleW
GetTimeZoneInformation
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
IsValidLocale
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
EnumSystemLocalesA
FreeResource
lstrlenW
LocalFree
FormatMessageA
CopyFileA
lstrcmpW
LoadLibraryW
CompareStringA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcessId
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesExA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetProfileIntA
SetThreadPriority
ResumeThread
WaitForSingleObject
SuspendThread
GetModuleHandleW
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
InterlockedExchange
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GlobalFlags
GetACP
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetCPInfo
GetOEMCP
FindResourceExW
GetTempFileNameA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
SearchPathA
RtlUnwind
DecodePointer
EncodePointer
RaiseException
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetLocaleInfoW
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
IsValidCodePage
CompareStringW
LCMapStringW
HeapCreate
user32
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
GetLastActivePopup
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowThreadProcessId
GetAsyncKeyState
MapDialogRect
MessageBeep
IsClipboardFormatAvailable
CountClipboardFormats
IsRectEmpty
SendNotifyMessageA
CopyAcceleratorTableA
InflateRect
GetMenuItemInfoA
DestroyMenu
SystemParametersInfoA
CharUpperA
GetKeyNameTextA
MapVirtualKeyA
SetTimer
KillTimer
WindowFromPoint
CreateMenu
PostThreadMessageA
SetParent
MonitorFromPoint
DeleteMenu
GetSystemMenu
TranslateAcceleratorA
InsertMenuItemA
IsIconic
LoadAcceleratorsA
SetCursor
DestroyIcon
LoadMenuA
ReuseDDElParam
UnpackDDElParam
IsZoomed
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
DeferWindowPos
PostQuitMessage
RealChildWindowFromPoint
GetSysColorBrush
UnregisterClassA
LoadCursorW
WaitMessage
LockWindowUpdate
EnumDisplayMonitors
SetLayeredWindowAttributes
UnionRect
LoadAcceleratorsW
LoadMenuW
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
NotifyWinEvent
GetIconInfo
CopyImage
GetNextDlgGroupItem
DrawIconEx
IsWindowVisible
DestroyAcceleratorTable
SetClassLongA
DrawStateA
DrawEdge
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
SetCursorPos
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
IsMenu
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
SetMenuDefaultItem
FrameRect
GetUpdateRect
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
DrawIcon
DestroyCursor
GetWindowRgn
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
EndPaint
BeginPaint
GetWindowDC
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowTextLengthA
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
OemToCharA
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
IsWindowEnabled
EndDialog
TabbedTextOutA
DrawTextExA
GrayStringA
GetSystemMetrics
LoadIconA
WinHelpA
CopyRect
FillRect
DrawFocusRect
CreatePopupMenu
AppendMenuA
GetSysColor
SetWindowTextA
GetWindowTextA
IsChild
GetFocus
GetWindowRect
GetNextDlgTabItem
GetParent
wsprintfA
GetKeyState
BringWindowToTop
InvalidateRect
PtInRect
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
SetWindowRgn
AdjustWindowRectEx
EnableWindow
SendMessageA
DrawTextA
UpdateWindow
GetClassInfoA
PeekMessageA
MsgWaitForMultipleObjects
CharToOemA
SetRect
GetDlgItem
SetFocus
LoadImageA
RedrawWindow
RegisterWindowMessageA
GetCursorPos
ReleaseDC
GetDC
LoadIconW
IntersectRect
RegisterClipboardFormatA
GetClassNameA
SetForegroundWindow
ReleaseCapture
GetCapture
LoadCursorA
SetCapture
ScreenToClient
ClientToScreen
GetClientRect
EqualRect
OffsetRect
SetRectEmpty
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
CreateHatchBrush
DPtoLP
CreateCompatibleBitmap
CreateRectRgnIndirect
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
GetWindowOrgEx
GetBkColor
GetWindowExtEx
GetTextFaceA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
LPtoDP
GetRgnBox
OffsetRgn
SetPixel
StretchBlt
SetDIBColorTable
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetSystemPaletteEntries
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPoint32A
GetTextMetricsA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetPaletteEntries
GetTextColor
Rectangle
GetStockObject
CreateSolidBrush
CreateCompatibleDC
BitBlt
EnumFontFamiliesA
EnumFontFamiliesExA
DeleteObject
CreatePen
SelectObject
GetObjectA
GetPixel
SetTextColor
SetROP2
SetPolyFillMode
RealizePalette
GetNearestPaletteIndex
CreatePalette
GetTextCharsetInfo
CreateDIBitmap
GetMapMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetViewportExtEx
CombineRgn
SetRectRgn
PatBlt
advapi32
RegCreateKeyExA
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegSetValueA
RegOpenKeyExA
RegOpenKeyExW
CryptImportKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
shell32
SHAppBarMessage
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
ExtractIconA
DragAcceptFiles
ShellExecuteA
ShellAboutA
DragFinish
DragQueryFileA
ole32
OleSetMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoDisconnectObject
CoCreateGuid
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize
CoCreateInstance
CoInitializeEx
OleGetClipboard
DoDragDrop
CoInitialize
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
OleSave
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
ReleaseStgMedium
OleInitialize
OleUninitialize
CreateFileMoniker
StgOpenStorage
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
oledlg
ord4
ord3
ord11
wldap32
ord60
ord143
ord211
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord22
ord27
ord46
ord41
ws2_32
accept
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
recvfrom
__WSAFDIsSet
WSACleanup
WSAStartup
WSASetLastError
WSAGetLastError
select
recv
send
WSAIoctl
listen
ioctlsocket
gethostname
htonl
ntohl
setsockopt
crypt32
CertFreeCertificateContext
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipGetImagePalette
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
comdlg32
GetFileTitleA
oleaut32
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysStringByteLen
SysStringLen
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 328KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ