Halter 2[.]0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Halter 2.0.exe
Size

124KB
MD5

5e1c0b35d081323d20e4fc8f08fcb385
SHA1

a9b20e9ffbd46584b0b7ee909bac42db126d326b
SHA256

0daa00c594c009772857c77c75f0a714c577ee12ca85378ca93030bb8febd7b9
SHA512

460a11af88f596d4edc5b86a9baf8066aa9980b5e93da7554d9c77b2035839667a6fd7730eed86ac5dc981468a3b9876f05056e43839762aff0381d2201af853
SSDEEP

384:7lWtl2YrNxZRyk5GqHklWlZ/iLH++DEn4Pc+3KzmajxwMcIgbSpb77jf3aXymyMi:pQ6EEdhPczbfZfx7jva5+Hj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Halter 2.0.exe

Files

Halter 2.0.exe
.exe windows:5 windows x86 arch:x86

126b7b934b78ac68269dcb8c817be0ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Sten\Downloads\trolley\LeTest\Release\Halter.pdb

Imports

kernel32

VirtualAlloc
FindClose
CreateFileW
GetLastError
GetSystemDirectoryA
TerminateThread
DeleteFileA
LoadLibraryW
GetProcAddress
CreateProcessW
SetThreadPriority
ExitProcess
FindNextFileW
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
WriteFile
UnhandledExceptionFilter
VirtualFree
GetBinaryTypeW
FindFirstFileW
GetTickCount
CreateThread
CloseHandle
WaitForMultipleObjects
GetProcessHeap
HeapAlloc
Sleep
GetConsoleWindow
HeapFree

user32

LoadIconW
LoadCursorW
DrawIcon
SetWindowPos
MessageBoxW
EnumChildWindows
ShowWindow
GetWindowRect
GetWindowTextLengthW
wsprintfW
RedrawWindow
GetSystemMetrics
GetDC
GetWindowTextW
GetDesktopWindow

gdi32

SelectClipRgn
CreateEllipticRgn
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
DeleteObject
StretchBlt
PatBlt
CreateSolidBrush

winmm

waveOutReset
waveOutOpen
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader

shlwapi

ColorHLSToRGB
ColorRGBToHLS

vcruntime140

memset
__current_exception_context
__current_exception
memcpy
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vswprintf
__stdio_common_vfprintf
__stdio_common_vfwprintf
__acrt_iob_func
__stdio_common_vsprintf_s
_set_fmode

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-string-l1-1-0

wcscpy_s

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__p___argc
_register_onexit_function
_crt_atexit
_controlfp_s
terminate
_initterm
_set_app_type
_seh_filter_exe
_exit
exit
__p___argv
_initialize_onexit_table
_initterm_e

api-ms-win-crt-math-l1-1-0

_libm_sse2_sin_precise
_libm_sse2_cos_precise
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

126b7b934b78ac68269dcb8c817be0ee

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winmm

shlwapi

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 260KB

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 260KB

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 1024B - Virtual size: 1024B