General

  • Target

    45e2286a1a072a6d448038e9fc9fcaa2

  • Size

    1018KB

  • MD5

    45e2286a1a072a6d448038e9fc9fcaa2

  • SHA1

    ee7a6f5e941868803a52194722d8cd8d868904b3

  • SHA256

    c740056479db774b3997d9313768548a1bbefeda7887f3860020e4b79181b740

  • SHA512

    74b7a6833584f8c95cba6ee1a06245b6ced9d12e196f4860a48fe2715b1b781ed9867196018b73b10dabefdc1b8d409a01883409414094f8308819a606bb303d

  • SSDEEP

    24576:qDpKwjUq3AGLJMWmSd/xnA53PrKsNj9anRmWwHbrr6dEN+ab2IJ:OjUq3AG9b1hA5DKsNpanRwQEcabt

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 45e2286a1a072a6d448038e9fc9fcaa2
    .zip
  • httprecon-4.3/COMDLG32.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    988f29c1eb8054253091352741683c76



  • httprecon-4.3/MSCOMCTL.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    2b2ee4e06ab7ae589a670cad99121b44



  • httprecon-4.3/database/attack_request/accept-range.fdb
  • httprecon-4.3/database/attack_request/banner.fdb
  • httprecon-4.3/database/attack_request/cache-control.fdb
  • httprecon-4.3/database/attack_request/connection.fdb
  • httprecon-4.3/database/attack_request/content-type.fdb
  • httprecon-4.3/database/attack_request/etag-legth.fdb
  • httprecon-4.3/database/attack_request/etag-quotes.fdb
  • httprecon-4.3/database/attack_request/header-capitalafterdash.fdb
  • httprecon-4.3/database/attack_request/header-order.fdb
  • httprecon-4.3/database/attack_request/header-space.fdb
  • httprecon-4.3/database/attack_request/htaccess-realm.fdb
  • httprecon-4.3/database/attack_request/pragma.fdb
  • httprecon-4.3/database/attack_request/protocol-name.fdb
  • httprecon-4.3/database/attack_request/protocol-version.fdb
  • httprecon-4.3/database/attack_request/statuscode.fdb
  • httprecon-4.3/database/attack_request/statustext.fdb
  • httprecon-4.3/database/attack_request/vary-capitalize.fdb
  • httprecon-4.3/database/attack_request/vary-delimiter.fdb
  • httprecon-4.3/database/attack_request/vary-order.fdb
  • httprecon-4.3/database/attack_request/x-powered-by.fdb
  • httprecon-4.3/database/delete_existing/accept-range.fdb
  • httprecon-4.3/database/delete_existing/banner.fdb
  • httprecon-4.3/database/delete_existing/cache-control.fdb
  • httprecon-4.3/database/delete_existing/connection.fdb
  • httprecon-4.3/database/delete_existing/content-type.fdb
  • httprecon-4.3/database/delete_existing/etag-legth.fdb
  • httprecon-4.3/database/delete_existing/etag-quotes.fdb
  • httprecon-4.3/database/delete_existing/header-capitalafterdash.fdb
  • httprecon-4.3/database/delete_existing/header-order.fdb
  • httprecon-4.3/database/delete_existing/header-space.fdb
  • httprecon-4.3/database/delete_existing/htaccess-realm.fdb
  • httprecon-4.3/database/delete_existing/options-allowed.fdb
  • httprecon-4.3/database/delete_existing/options-delimited.fdb
  • httprecon-4.3/database/delete_existing/options-public.fdb
  • httprecon-4.3/database/delete_existing/pragma.fdb
  • httprecon-4.3/database/delete_existing/protocol-name.fdb
  • httprecon-4.3/database/delete_existing/protocol-version.fdb
  • httprecon-4.3/database/delete_existing/statuscode.fdb
  • httprecon-4.3/database/delete_existing/statustext.fdb
  • httprecon-4.3/database/delete_existing/vary-capitalize.fdb
  • httprecon-4.3/database/delete_existing/vary-delimiter.fdb
  • httprecon-4.3/database/delete_existing/vary-order.fdb
  • httprecon-4.3/database/delete_existing/x-powered-by.fdb
  • httprecon-4.3/database/get_existing/accept-range.fdb
  • httprecon-4.3/database/get_existing/banner.fdb
  • httprecon-4.3/database/get_existing/cache-control.fdb
  • httprecon-4.3/database/get_existing/connection.fdb
  • httprecon-4.3/database/get_existing/content-type.fdb
  • httprecon-4.3/database/get_existing/etag-legth.fdb
  • httprecon-4.3/database/get_existing/etag-quotes.fdb
  • httprecon-4.3/database/get_existing/header-capitalafterdash.fdb
  • httprecon-4.3/database/get_existing/header-order.fdb
  • httprecon-4.3/database/get_existing/header-space.fdb
  • httprecon-4.3/database/get_existing/htaccess-realm.fdb
  • httprecon-4.3/database/get_existing/pragma.fdb
  • httprecon-4.3/database/get_existing/protocol-name.fdb
  • httprecon-4.3/database/get_existing/protocol-version.fdb
  • httprecon-4.3/database/get_existing/statuscode.fdb
  • httprecon-4.3/database/get_existing/statustext.fdb
  • httprecon-4.3/database/get_existing/vary-capitalize.fdb
  • httprecon-4.3/database/get_existing/vary-delimiter.fdb
  • httprecon-4.3/database/get_existing/vary-order.fdb
  • httprecon-4.3/database/get_existing/x-powered-by.fdb
  • httprecon-4.3/database/get_long/accept-range.fdb
  • httprecon-4.3/database/get_long/banner.fdb
  • httprecon-4.3/database/get_long/cache-control.fdb
  • httprecon-4.3/database/get_long/connection.fdb
  • httprecon-4.3/database/get_long/content-type.fdb
  • httprecon-4.3/database/get_long/etag-legth.fdb
  • httprecon-4.3/database/get_long/etag-quotes.fdb
  • httprecon-4.3/database/get_long/header-capitalafterdash.fdb
  • httprecon-4.3/database/get_long/header-order.fdb
  • httprecon-4.3/database/get_long/header-space.fdb
  • httprecon-4.3/database/get_long/htaccess-realm.fdb
  • httprecon-4.3/database/get_long/pragma.fdb
  • httprecon-4.3/database/get_long/protocol-name.fdb
  • httprecon-4.3/database/get_long/protocol-version.fdb
  • httprecon-4.3/database/get_long/statuscode.fdb
  • httprecon-4.3/database/get_long/statustext.fdb
  • httprecon-4.3/database/get_long/vary-capitalize.fdb
  • httprecon-4.3/database/get_long/vary-delimiter.fdb
  • httprecon-4.3/database/get_long/vary-order.fdb
  • httprecon-4.3/database/get_long/x-powered-by.fdb
  • httprecon-4.3/database/get_nonexisting/accept-range.fdb
  • httprecon-4.3/database/get_nonexisting/banner.fdb
  • httprecon-4.3/database/get_nonexisting/cache-control.fdb
  • httprecon-4.3/database/get_nonexisting/connection.fdb
  • httprecon-4.3/database/get_nonexisting/content-type.fdb
  • httprecon-4.3/database/get_nonexisting/etag-legth.fdb
  • httprecon-4.3/database/get_nonexisting/etag-quotes.fdb
  • httprecon-4.3/database/get_nonexisting/header-capitalafterdash.fdb
  • httprecon-4.3/database/get_nonexisting/header-order.fdb
  • httprecon-4.3/database/get_nonexisting/header-space.fdb
  • httprecon-4.3/database/get_nonexisting/htaccess-realm.fdb
  • httprecon-4.3/database/get_nonexisting/pragma.fdb
  • httprecon-4.3/database/get_nonexisting/protocol-name.fdb
  • httprecon-4.3/database/get_nonexisting/protocol-version.fdb
  • httprecon-4.3/database/get_nonexisting/statuscode.fdb
  • httprecon-4.3/database/get_nonexisting/statustext.fdb
  • httprecon-4.3/database/get_nonexisting/vary-capitalize.fdb
  • httprecon-4.3/database/get_nonexisting/vary-delimiter.fdb
  • httprecon-4.3/database/get_nonexisting/vary-order.fdb
  • httprecon-4.3/database/get_nonexisting/x-powered-by.fdb
  • httprecon-4.3/database/head_existing/accept-range.fdb
  • httprecon-4.3/database/head_existing/banner.fdb
  • httprecon-4.3/database/head_existing/cache-control.fdb
  • httprecon-4.3/database/head_existing/connection.fdb
  • httprecon-4.3/database/head_existing/content-type.fdb
  • httprecon-4.3/database/head_existing/etag-legth.fdb
  • httprecon-4.3/database/head_existing/etag-quotes.fdb
  • httprecon-4.3/database/head_existing/header-capitalafterdash.fdb
  • httprecon-4.3/database/head_existing/header-order.fdb
  • httprecon-4.3/database/head_existing/header-space.fdb
  • httprecon-4.3/database/head_existing/htaccess-realm.fdb
  • httprecon-4.3/database/head_existing/options-public.fdb
  • httprecon-4.3/database/head_existing/pragma.fdb
  • httprecon-4.3/database/head_existing/protocol-name.fdb
  • httprecon-4.3/database/head_existing/protocol-version.fdb
  • httprecon-4.3/database/head_existing/statuscode.fdb
  • httprecon-4.3/database/head_existing/statustext.fdb
  • httprecon-4.3/database/head_existing/vary-capitalize.fdb
  • httprecon-4.3/database/head_existing/vary-delimiter.fdb
  • httprecon-4.3/database/head_existing/vary-order.fdb
  • httprecon-4.3/database/head_existing/x-powered-by.fdb
  • httprecon-4.3/database/options/accept-range.fdb
  • httprecon-4.3/database/options/banner.fdb
  • httprecon-4.3/database/options/cache-control.fdb
  • httprecon-4.3/database/options/connection.fdb
  • httprecon-4.3/database/options/content-type.fdb
  • httprecon-4.3/database/options/etag-legth.fdb
  • httprecon-4.3/database/options/etag-quotes.fdb
  • httprecon-4.3/database/options/header-capitalafterdash.fdb
  • httprecon-4.3/database/options/header-order.fdb
  • httprecon-4.3/database/options/header-space.fdb
  • httprecon-4.3/database/options/htaccess-realm.fdb
  • httprecon-4.3/database/options/options-allowed.fdb
  • httprecon-4.3/database/options/options-delimited.fdb
  • httprecon-4.3/database/options/options-public.fdb
  • httprecon-4.3/database/options/pragma.fdb
  • httprecon-4.3/database/options/protocol-name.fdb
  • httprecon-4.3/database/options/protocol-version.fdb
  • httprecon-4.3/database/options/statuscode.fdb
  • httprecon-4.3/database/options/statustext.fdb
  • httprecon-4.3/database/options/vary-capitalize.fdb
  • httprecon-4.3/database/options/vary-delimiter.fdb
  • httprecon-4.3/database/options/vary-order.fdb
  • httprecon-4.3/database/options/x-powered-by.fdb
  • httprecon-4.3/database/wrong_method/accept-range.fdb
  • httprecon-4.3/database/wrong_method/banner.fdb
  • httprecon-4.3/database/wrong_method/cache-control.fdb
  • httprecon-4.3/database/wrong_method/connection.fdb
  • httprecon-4.3/database/wrong_method/content-type.fdb
  • httprecon-4.3/database/wrong_method/etag-legth.fdb
  • httprecon-4.3/database/wrong_method/etag-quotes.fdb
  • httprecon-4.3/database/wrong_method/header-capitalafterdash.fdb
  • httprecon-4.3/database/wrong_method/header-order.fdb
  • httprecon-4.3/database/wrong_method/header-space.fdb
  • httprecon-4.3/database/wrong_method/htaccess-realm.fdb
  • httprecon-4.3/database/wrong_method/options-allowed.fdb
  • httprecon-4.3/database/wrong_method/options-delimited.fdb
  • httprecon-4.3/database/wrong_method/options-public.fdb
  • httprecon-4.3/database/wrong_method/pragma.fdb
  • httprecon-4.3/database/wrong_method/protocol-name.fdb
  • httprecon-4.3/database/wrong_method/protocol-version.fdb
  • httprecon-4.3/database/wrong_method/statuscode.fdb
  • httprecon-4.3/database/wrong_method/statustext.fdb
  • httprecon-4.3/database/wrong_method/vary-capitalize.fdb
  • httprecon-4.3/database/wrong_method/vary-delimiter.fdb
  • httprecon-4.3/database/wrong_method/vary-order.fdb
  • httprecon-4.3/database/wrong_method/x-powered-by.fdb
  • httprecon-4.3/database/wrong_version/accept-range.fdb
  • httprecon-4.3/database/wrong_version/banner.fdb
  • httprecon-4.3/database/wrong_version/cache-control.fdb
  • httprecon-4.3/database/wrong_version/connection.fdb
  • httprecon-4.3/database/wrong_version/content-type.fdb
  • httprecon-4.3/database/wrong_version/etag-legth.fdb
  • httprecon-4.3/database/wrong_version/etag-quotes.fdb
  • httprecon-4.3/database/wrong_version/header-capitalafterdash.fdb
  • httprecon-4.3/database/wrong_version/header-order.fdb
  • httprecon-4.3/database/wrong_version/header-space.fdb
  • httprecon-4.3/database/wrong_version/htaccess-realm.fdb
  • httprecon-4.3/database/wrong_version/pragma.fdb
  • httprecon-4.3/database/wrong_version/protocol-name.fdb
  • httprecon-4.3/database/wrong_version/protocol-version.fdb
  • httprecon-4.3/database/wrong_version/statuscode.fdb
  • httprecon-4.3/database/wrong_version/statustext.fdb
  • httprecon-4.3/database/wrong_version/vary-capitalize.fdb
  • httprecon-4.3/database/wrong_version/vary-delimiter.fdb
  • httprecon-4.3/database/wrong_version/vary-order.fdb
  • httprecon-4.3/database/wrong_version/x-powered-by.fdb
  • httprecon-4.3/httprecon.exe
    .exe windows:4 windows x86 arch:x86

    8c0d0f2486cd77aed20ec8ff92afd662

