Huntplayers desktop[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Huntplayers desktop.exe
Size

7.4MB
MD5

582c5d68927fd212cd492539099f485a
SHA1

392d5394ff1f1fdad5faf08445a984e9e03bf5e7
SHA256

e5aa77efc26092ac2ce77b1949504dc3d61ed769bc9203ef2c28a04cab9e3068
SHA512

6a42f879b55a4a04c81678dd0fac9429ac067a5233170c75e1edf414ca5a916dcc0c7bf28da0e1edfa9013c5e4b87cc2eaf380ba4c09eaa6ddfbc0fe49281951
SSDEEP

49152:WtT5lfJRsiHrhKdQloifEcmPaRJS8f1E8FjTVrA0XIRsPe+eTts3T5I4wP0wJlxc:yxEQJvf1fAgIRsmA3TvW081B4Ic2TML

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Huntplayers desktop.exe

Files

Huntplayers desktop.exe
.exe windows:6 windows x64 arch:x64

fa3095ccc71b5e4e81a80c23ec16925a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\pro\Desktop\tauri\huntplayers\src-tauri\target\release\deps\huntplayers.pdb

Imports

user32

GetAsyncKeyState
GetKeyboardState
MapVirtualKeyExW
SystemParametersInfoA
DestroyIcon
SetWindowLongW
GetSystemMenu
VkKeyScanW
DestroyWindow
ValidateRect
GetRawInputData
ToUnicodeEx
RegisterTouchWindow
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
MonitorFromPoint
EnumDisplayMonitors
IsProcessDPIAware
GetDC
PostQuitMessage
SendInput
ShowWindow
AppendMenuW
PostThreadMessageW
PeekMessageW
GetUpdateRect
GetMessageA
DispatchMessageA
CreateMenu
GetSystemMetrics
MonitorFromRect
SetMenuItemInfoW
GetKeyState
IsWindow
GetClientRect
TrackMouseEvent
ClipCursor
CreateWindowExW
GetClipCursor
InvalidateRgn
GetWindowLongW
SetWindowPos
SetCursor
SetCursorPos
ShowCursor
AdjustWindowRectEx
GetWindowRect
SetWindowDisplayAffinity
GetMenu
GetActiveWindow
GetForegroundWindow
CreateAcceleratorTableW
CheckMenuItem
EnableMenuItem
DestroyAcceleratorTable
CreateIcon
SetCapture
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
GetKeyboardLayout
RegisterWindowMessageA
IsIconic
EnumChildWindows
ClientToScreen
SetMenu
LoadCursorW
GetWindowLongPtrW
SetWindowLongPtrW
ReleaseCapture
GetCursorPos
RedrawWindow
PostMessageW
SetForegroundWindow
SendMessageW
RegisterClassExW
FindWindowW
GetWindowPlacement
SetWindowPlacement
ChangeDisplaySettingsExW
FlashWindowEx
DefWindowProcW
TranslateAcceleratorW
GetAncestor
GetMessageW
MapVirtualKeyW
DispatchMessageW
TranslateMessage
GetMonitorInfoW
IsWindowVisible
MonitorFromWindow
CloseTouchInputHandle
ScreenToClient
GetTouchInputInfo

kernel32

CreateThread
LoadLibraryW
LCIDToLocaleName
WriteConsoleW
MultiByteToWideChar
CreateProcessW
GetWindowsDirectoryW
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
GetSystemDirectoryW
WaitForMultipleObjects
CreateNamedPipeW
GetFullPathNameW
ExitProcess
GetTempPathW
GetConsoleMode
GetOverlappedResult
ReadFile
LoadLibraryA
CreateEventW
CopyFileExW
GetFinalPathNameByHandleW
CreateHardLinkW
CreateSymbolicLinkW
RemoveDirectoryW
DeleteFileW
FindFirstFileW
CreateDirectoryW
GetFileInformationByHandleEx
FindNextFileW
CreateMutexA
AcquireSRWLockShared
QueryPerformanceFrequency
QueryPerformanceCounter
WakeConditionVariable
GetFileAttributesW
GetModuleFileNameW
OutputDebugStringA
OutputDebugStringW
GetUserDefaultUILanguage
TryAcquireSRWLockExclusive
ReleaseSemaphore
ReadDirectoryChangesW
LoadLibraryExW
CreateSemaphoreW
CreateFileW
CancelIo
WaitForSingleObjectEx
FreeLibrary
GetEnvironmentVariableW
WakeAllConditionVariable
SetFileTime
GetLastError
TerminateProcess
GetExitCodeProcess
ReadFileEx
SleepEx
GetProcessHeap
HeapAlloc
WriteFileEx
HeapFree
SetHandleInformation
FormatMessageW
SetEvent
WaitForSingleObject
SleepConditionVariableSRW
ReleaseSRWLockShared
GetSystemInfo
CreateMutexW
ReleaseMutex
Sleep
GetModuleHandleA
GetCurrentThreadId
CloseHandle
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
HeapReAlloc
lstrlenW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
InitializeSListHead
GetModuleHandleW
RtlVirtualUnwind
IsDebuggerPresent
GetCurrentProcessId
GetStdHandle
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetFilePointerEx
DuplicateHandle
EncodePointer
SetFileInformationByHandle
TlsAlloc
TlsFree
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetFileInformationByHandle
SetFileAttributesW
MoveFileExW
GetCommandLineW
FreeEnvironmentStringsW
FindClose
CompareStringOrdinal
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
SetEnvironmentVariableW

gdi32

GetDeviceCaps
CreateRectRgn
DeleteObject

dwmapi

DwmEnableBlurBehindWindow

ole32

RevokeDragDrop
OleInitialize
CreateStreamOnHGlobal
RegisterDragDrop
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

ws2_32

closesocket
select
connect
getaddrinfo
WSASocketW
ioctlsocket
send
recv
getsockopt
setsockopt
WSAGetLastError
WSAStartup
WSACleanup
freeaddrinfo

comctl32

DefSubclassProc
SetWindowSubclass
RemoveWindowSubclass
TaskDialogIndirect

shell32

SHCreateItemFromParsingName
DragQueryFileW
DragFinish
ShellExecuteW
SHAppBarMessage
SHGetKnownFolderPath

secur32

DeleteSecurityContext
AcceptSecurityContext
FreeContextBuffer
AcquireCredentialsHandleA
FreeCredentialsHandle
QueryContextAttributesW
InitializeSecurityContextW
DecryptMessage
EncryptMessage

crypt32

CertVerifyCertificateChainPolicy
CertDuplicateStore
CertCloseStore
CertGetCertificateChain
CertOpenStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFreeCertificateChain
CertDuplicateCertificateChain

uxtheme

SetWindowTheme

advapi32

SystemFunction036
RegGetValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
EventUnregister
EventWriteTransfer
EventSetInformation
EventRegister

oleaut32

GetErrorInfo
SysStringLen
SetErrorInfo
SysFreeString

bcrypt

BCryptGenRandom

ntdll

RtlNtStatusToDosError
NtReadFile
NtWriteFile
NtCreateFile

api-ms-win-crt-math-l1-1-0

round
trunc
floor
__setusermatherr

api-ms-win-crt-string-l1-1-0

_wcsicmp
wcslen
wcsncmp
strlen
strcpy_s

api-ms-win-crt-convert-l1-1-0

wcstol
_ultow_s

api-ms-win-crt-runtime-l1-1-0

_seh_filter_exe
_set_app_type
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
abort
exit
_exit
terminate
__p___argc
_crt_atexit
_register_onexit_function
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc
calloc
_set_new_mode

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa3095ccc71b5e4e81a80c23ec16925a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

dwmapi

ole32

ws2_32

comctl32

shell32

secur32

crypt32

uxtheme

advapi32

oleaut32

bcrypt

ntdll

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 1KB - Virtual size: 5KB

.pdata Size: 269KB - Virtual size: 268KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 31KB - Virtual size: 31KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 1KB - Virtual size: 5KB

.pdata
Size: 269KB - Virtual size: 268KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 31KB - Virtual size: 31KB