HAKO_1MS[.]rar

Resubmissions

12/03/2024, 05:22

240312-f2wv9abd23 10

12/03/2024, 05:21

240312-f2hnmabc95 10

12/03/2024, 05:17

240312-fyq6labc53 7

12/03/2024, 05:13

240312-fwed1shc71 10

Sharing

Copy URL Twitter E-mail

General

Target

HAKO_1MS.rar
Size

19.6MB
MD5

346bbc041cececc4dccdb24a29732354
SHA1

9b0c3df353aa46c922de5be79eee403e6882df3b
SHA256

3613ee0420df674ea9c0afc854b2bfaa08790d23845738a1b95d7b69cc3ea7b9
SHA512

b2ca55ec99c174526d054e17f8d73b2f816eed2158cf4aa006f99a458a3e11de44177b79041c77992005b68c212d96d9e2245364da65ef173fd0301f9c8caac3
SSDEEP

393216:kEBwJADE+ZeF90bWimgAvH1LR8SjewO48eCmLNt5jfbU8sa86Mv1:kqwLkeMWiAdLR8SqwO4bCi5jTU5wI

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/HAKO_1ms_tp.exe	pyinstaller

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HAKO_1ms_tp.exe
unpack001/HAKO_ms1.exe
unpack001/hako_1ms/lantexd delay.exe

Files

HAKO_1MS.rar
.rar
HAKO_1ms_tp.exe
.exe windows:5 windows x64 arch:x64

1af6c885af093afc55142c2f1761dbe8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateWindowExW
MessageBoxW
MessageBoxA
SystemParametersInfoW
DestroyIcon
SetWindowLongPtrW
GetWindowLongPtrW
GetClientRect
InvalidateRect
ReleaseDC
GetDC
DrawTextW
GetDialogBaseUnits
EndDialog
DialogBoxIndirectParamW
MoveWindow
SendMessageW

comctl32

ord380

kernel32

IsValidCodePage
GetStringTypeW
GetFileAttributesExW
HeapReAlloc
FlushFileBuffers
GetCurrentDirectoryW
GetACP
GetOEMCP
GetModuleHandleW
MulDiv
GetLastError
SetDllDirectoryW
GetModuleFileNameW
CreateSymbolicLinkW
GetProcAddress
GetCommandLineW
GetEnvironmentVariableW
GetCPInfo
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
CloseHandle
GetCurrentProcess
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation
HeapSize
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableW
RtlUnwindEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW

advapi32

OpenProcessToken
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW

gdi32

SelectObject
DeleteObject
CreateFontIndirectW

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wlorx_1ms_tp.pyc
HAKO_ms1.exe
.exe windows:4 windows x86 arch:x86

72717c83cf7b5d060d520d8545909ee1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3721
ord800
ord795
ord858
ord860
ord540
ord567
ord825
ord3626
ord3663
ord2414
ord4275
ord2379
ord755
ord6172
ord5875
ord5789
ord470
ord6453
ord3874
ord4284
ord1641
ord2385
ord2864
ord613
ord289
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord641
ord2514
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord1775
ord5280
ord4425
ord3597
ord537
ord324
ord2302
ord4234
ord1146
ord1168
ord2367
ord2370
ord4160
ord2863
ord2818
ord6334
ord5241
ord4407
ord1776
ord4078
ord6055
ord3619
ord3402
ord2860
ord5277
ord1576

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_setmbcp
__CxxFrameHandler
_ftol
__dllonexit
_onexit
_exit
_XcptFilter
_initterm

kernel32

GetModuleHandleA
GetStartupInfoA

user32

GetSystemMetrics
IsIconic
GetClientRect
LoadIconA
EnableWindow
GetParent
DrawIcon
AppendMenuA
SendMessageA
SetCursor
LoadCursorA
GetSystemMenu

gdi32

GetObjectA
GetTextExtentPoint32A
CreateFontIndirectA

shell32

ShellExecuteA

comctl32

_TrackMouseEvent

ntdll

NtSetTimerResolution
NtQueryTimerResolution

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
hako Priw 1/1 - Lantexd.reg
hako Priw 1/10 - Keyboard Optimization.reg
hako Priw 1/10 - Lantexd Optimization.reg
hako Priw 1/11 -Lantexd Optimization.reg
hako Priw 1/2 - Lantexd.reg
hako Priw 1/2 -777x777.reg
hako Priw 1/8 - Lantexd Optimization.reg
hako Priw 1/9 - Lantexd Optimization.reg
hako Priw 1/9 - LantexdOptimization.reg
hako Priw 1/LANTE.reg
hako Priw 1/LANTEXD OPTİ.reg
hako Priw 1/Lantexd 2.reg
hako Priw 1/Lantexd 4.reg
hako Priw 1/Lantexd 5.reg
hako Priw 1/Lantexd opti.reg
hako Priw 1/Lantexd xxx.reg
hako Priw 1/Lantexd.reg
hako Priw 1/lANTE PRİW.reg
hako Priw 1/lante priw.reg
hako Priw 1/lantexd priw strafe.reg
hako Priw 1/lantexd tp.reg
hako_1ms/ReadMe.txt
hako_1ms/Source_x64.vb
.vbs
hako_1ms/eula.txt
hako_1ms/lantexd delay.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\VSProjects\MelodysLowLatencyUI\MelodysLowLatencyUI\obj\x64\Release\MelodysLowLatencyUI_v3.pdb

Sections

.text
Size: 753KB - Virtual size: 753KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
hako_reg_MS2/lantexd1.reg
hako_reg_MS2/lantexd3.reg
hako_reg_MS2/lantexd4.reg
hako_reg_MS2/lantexd5.reg
tweask nvidia/#1 Start .cmd
tweask nvidia/11 ServiceProviderSequence.reg
tweask nvidia/12 STABLE_NET.reg
tweask nvidia/13 ZeroConnectionAcceptanceDelay.reg
tweask nvidia/14 CPU Speed.reg
tweask nvidia/16 FIX_Input_Delay.reg
tweask nvidia/17 Graphics Speed.reg
tweask nvidia/18 Network Speed.reg
tweask nvidia/19 SystemResponsiveness + GPU.reg
tweask nvidia/2 Clear internetCache.reg
tweask nvidia/24 Delay 0.reg
tweask nvidia/26 FIX_Input_Delay.reg
tweask nvidia/3.Registro.reg
tweask nvidia/4 FIX_Input_Delay.reg
tweask nvidia/6 TCPIP Tweaks (Stable internet for TCP sock).reg
tweask nvidia/6.Desabilitar Opcoes de Energia.reg
tweask nvidia/7 DecreaseTypeDelay.reg
tweask nvidia/8 DisableConnectionRateLimiter.reg
tweask nvidia/Boost FPS In Games.reg
tweask nvidia/Clean Windows.reg
tweask nvidia/CursorBlinkRate.reg
tweask nvidia/Decrease_Keyboard_MS.reg
tweask nvidia/Decreased Input Lag.reg
tweask nvidia/Desabilitar AMS.reg
tweask nvidia/Desabilitar Anti Malware.reg
tweask nvidia/Desabilitar FSO Globally.reg
tweask nvidia/Desabilitar Game DVR.reg
tweask nvidia/Desabilitar Prefetch.reg
tweask nvidia/Desabilitar Telemetry 1.reg
tweask nvidia/Desabilitar Telemetry 2.reg
tweask nvidia/Desabilitar sincronização remota.reg
tweask nvidia/Desactiver MMCSS.reg
tweask nvidia/Desativar FSO.reg
tweask nvidia/Diminuir_MsTeclado.reg
tweask nvidia/Disable Automatic Maintenance.reg
tweask nvidia/Disable Clear Pagefile at Shutdown.reg
tweask nvidia/Disable Extra Unnecessary Services.reg
tweask nvidia/Disable Nagles Algorithm.reg
tweask nvidia/Disable Network Usage.reg
tweask nvidia/Disable Notification Center.reg
tweask nvidia/Disable Power Throttling.reg
tweask nvidia/Disable Prefetcher.reg
tweask nvidia/Disable Spectre and Meltdown.reg
tweask nvidia/Disable Superfetch.reg
tweask nvidia/Disable UAC.reg
tweask nvidia/Disable_Bluetooth_Services.reg
tweask nvidia/Disable_Game_DVR1.reg
tweask nvidia/Disable_Game_DVR2.reg
tweask nvidia/Disable_GpuEnergyDriver.reg
tweask nvidia/Disable_Power_Throttling (1).reg
tweask nvidia/Disable_Power_Throttling.reg
tweask nvidia/Execute Para Deixar o Windows Mais Rápido.reg
tweask nvidia/FSO ON.reg
tweask nvidia/FiveM Boost.reg
tweask nvidia/GPU Priority.reg
tweask nvidia/GPU Propriétaire.reg
tweask nvidia/GTA5_Priorite_Superieure_a_la_Normale_1.reg
tweask nvidia/Game Optimizations.reg
tweask nvidia/HighEndSysFpsInput.reg
tweask nvidia/Increase_CPU_Performance.reg
tweask nvidia/Increase_System_Resposiveness.reg
tweask nvidia/KeyBoard_Optimization.reg
tweask nvidia/Liberar uso de CPU.reg
tweask nvidia/M2 MarkC Windows 10 Mouse Fix.reg
tweask nvidia/MenuShowDelay.reg
tweask nvidia/MouseHoverTime.reg
tweask nvidia/Mouse_Optimization.reg
tweask nvidia/NVIDIA Thread Priority.reg
tweask nvidia/No Folder Options.reg
tweask nvidia/OPTIONAL Disable Bluetooth Services.reg
tweask nvidia/OPTIONAL Disable Download Maps Manager.reg
tweask nvidia/OPTIONAL Disable Xbox Services.reg
tweask nvidia/Optimize ALL Windows Settings.reg
tweask nvidia/Prioritize_GPU.reg
tweask nvidia/Processor Scheduling.reg
tweask nvidia/Remove_Mouse_Acceleration.reg
tweask nvidia/Remover Aceleração do Mouse.reg
tweask nvidia/Revert NVIDIA Thread Priority.reg
tweask nvidia/SystemResponsiveness + GPU.reg
tweask nvidia/Take Ownership.reg
tweask nvidia/Tweaks de Registro.reg
tweask nvidia/csrss.exe Realtime Priority.reg
tweask nvidia/transparency off.reg
tweask nvidia/transparency on.reg

Resubmissions

Sharing

General

Malware Config

Signatures

Files

1af6c885af093afc55142c2f1761dbe8

Headers

DLL Characteristics

File Characteristics

Imports

user32

comctl32

kernel32

advapi32

gdi32

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 75KB - Virtual size: 74KB

.data Size: 3KB - Virtual size: 12KB

.pdata Size: 9KB - Virtual size: 8KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

72717c83cf7b5d060d520d8545909ee1

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

shell32

comctl32

ntdll

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 332B

.rsrc Size: 8KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 753KB - Virtual size: 753KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 75KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 12KB

.pdata
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 332B

.rsrc
Size: 8KB - Virtual size: 4KB

.text
Size: 753KB - Virtual size: 753KB

.rsrc
Size: 363KB - Virtual size: 362KB