Static task
static1
General
-
Target
HT Mod Tool.exe
-
Size
3.4MB
-
MD5
717dfa4bac5ff008ccc5cd43ee98c8d2
-
SHA1
6456360a34689ed51550beeff4704e037eab7cf4
-
SHA256
44972eb74e51ced10e283100a5c70a4b5fd5a9067a0f9890b14c94407df45143
-
SHA512
b74190594092facb61b398bedb3b913baab77a5c57b1751ad2e0e3fc887d7254066260448bca40c8a1a0cf6a5b3865699401458c14195cfc9542579ff9549bf2
-
SSDEEP
49152:CY47rFI7tiJ2w2t0oPy7t/m+HhD3uNgl9w4FSlX+Xt/Hqo7HwT:ej2tFPSxl9XSmfR7HwT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
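Flags PE files that lack an Authenticode signature; this sample has none, so its publisher and integrity cannot be verified from a signature. Being unsigned is a weak indicator on its own, since many legitimate programs also ship unsigned.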
resource HT Mod Tool.exe
Files
-
HT Mod Tool.exe.exe windows:6 windows x64 arch:x64
f2ccd8cac3501bcf92336475db81b3e4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
CreateFileW
SetFileInformationByHandle
GetFileInformationByHandle
InitializeCriticalSectionAndSpinCount
GetTempPathW
FindNextFileW
CreateDirectoryW
CreateThread
ExitProcess
QueryPerformanceCounter
QueryPerformanceFrequency
AcquireSRWLockShared
ReleaseSRWLockShared
GetFinalPathNameByHandleW
SleepConditionVariableSRW
GetEnvironmentVariableW
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
ReleaseMutex
CreateMutexA
LoadLibraryW
GetCurrentProcessId
GetCurrentProcess
LoadLibraryA
WaitForSingleObjectEx
GetCurrentDirectoryW
FormatMessageW
SetWaitableTimer
CreateWaitableTimerExW
SetLastError
WriteConsoleW
MultiByteToWideChar
WaitForSingleObject
GetConsoleMode
GetStdHandle
TryAcquireSRWLockExclusive
GetCurrentThread
GetProcAddress
GetModuleHandleA
Sleep
FindFirstFileW
DeleteCriticalSection
lstrlenW
GetSystemTimeAsFileTime
HeapReAlloc
SetThreadStackGuarantee
AddVectoredExceptionHandler
InitializeSListHead
IsDebuggerPresent
SetEnvironmentVariableW
GetCommandLineW
FindClose
UnhandledExceptionFilter
ReleaseSRWLockExclusive
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
TerminateProcess
RtlUnwindEx
CloseHandle
RtlPcToFileHeader
GetLastError
GetModuleFileNameW
GetModuleHandleW
RaiseException
EncodePointer
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetFullPathNameW
GetCurrentThreadId
LoadLibraryExW
SwitchToThread
AcquireSRWLockExclusive
GetFileInformationByHandleEx
HeapFree
OutputDebugStringW
OutputDebugStringA
GetFileAttributesW
LCIDToLocaleName
GetUserDefaultUILanguage
HeapAlloc
GetProcessHeap
FreeLibrary
WakeAllConditionVariable
WakeConditionVariable
GetSystemInfo
user32
FlashWindowEx
SetCursorPos
GetCursorPos
CreateAcceleratorTableW
RegisterTouchWindow
IsWindow
IsWindowVisible
GetAsyncKeyState
PostThreadMessageW
IsIconic
GetForegroundWindow
GetKeyState
SetMenu
EnumDisplayMonitors
TrackMouseEvent
GetMessageW
MonitorFromPoint
CheckMenuItem
EnumChildWindows
ScreenToClient
SetCapture
ShowCursor
ClipCursor
GetSystemMetrics
GetTouchInputInfo
GetActiveWindow
ClientToScreen
GetWindowRect
SetForegroundWindow
MonitorFromRect
GetWindowLongPtrW
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyExW
ReleaseCapture
SetWindowLongW
SendMessageW
EnableMenuItem
GetSystemMenu
GetMonitorInfoW
SetWindowPlacement
ChangeDisplaySettingsExW
IsProcessDPIAware
MonitorFromWindow
GetDC
TranslateMessage
SystemParametersInfoA
GetWindowPlacement
ShowWindow
PostQuitMessage
SendInput
SetMenuItemInfoW
DefWindowProcW
RegisterClassExW
DispatchMessageA
GetMessageA
DestroyIcon
DestroyAcceleratorTable
AdjustWindowRectEx
GetMenu
GetWindowLongW
InvalidateRgn
SetWindowPos
RegisterWindowMessageA
VkKeyScanW
AppendMenuW
CreateMenu
CreateIcon
CloseTouchInputHandle
LoadCursorW
GetClipCursor
SetCursor
GetClientRect
DestroyWindow
MapVirtualKeyW
GetUpdateRect
ValidateRect
GetRawInputData
RedrawWindow
RegisterRawInputDevices
SetWindowLongPtrW
CreateWindowExW
TranslateAcceleratorW
GetAncestor
PostMessageW
MsgWaitForMultipleObjectsEx
PeekMessageW
DispatchMessageW
SetWindowDisplayAffinity
comctl32
DefSubclassProc
RemoveWindowSubclass
SetWindowSubclass
shell32
DragFinish
DragQueryFileW
SHCreateItemFromParsingName
SHAppBarMessage
ShellExecuteW
SHGetKnownFolderPath
ole32
CoUninitialize
CoInitializeEx
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
RegisterDragDrop
CoCreateInstance
RevokeDragDrop
CreateStreamOnHGlobal
bcrypt
BCryptGenRandom
advapi32
EventRegister
EventWriteTransfer
EventUnregister
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegGetValueW
EventSetInformation
SystemFunction036
ntdll
NtWriteFile
RtlNtStatusToDosError
NtReadFile
uxtheme
SetWindowTheme
gdi32
GetDeviceCaps
CreateRectRgn
DeleteObject
dwmapi
DwmEnableBlurBehindWindow
oleaut32
SysFreeString
SetErrorInfo
GetErrorInfo
SysStringLen
api-ms-win-crt-math-l1-1-0
round
floor
trunc
pow
__setusermatherr
api-ms-win-crt-string-l1-1-0
strcpy_s
wcsncmp
wcslen
_wcsicmp
api-ms-win-crt-convert-l1-1-0
_ultow_s
wcstol
api-ms-win-crt-runtime-l1-1-0
_set_app_type
_register_onexit_function
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
_initialize_onexit_table
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_crt_atexit
terminate
abort
_seh_filter_exe
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-heap-l1-1-0
malloc
calloc
free
_callnewh
_set_new_mode
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ