httpdebugger_keygen[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

httpdebugger_keygen.exe
Size

2.6MB
MD5

8561e3042608385957eadd4a1695991c
SHA1

f59f3123802e324440c42c1a55595777591dedf8
SHA256

7a1d9d170efba5d8b4c567c246ee43f2b25cbaad7638b570cde668d33dbd797d
SHA512

bbcb5ee477fcb981a0689c140d1158fdf0145f45dd6494b6ebe8080a2fc0b5c68f5ee4803726e3b96168d0bc829dffd6ea68400c1eaab4b4ea361d4695b95df7
SSDEEP

24576:plAWVsUdk7tmlYhNywbItEmzGanDyXBWBKh9GfzmrhcK9ZrahKA3zVHoqg5J2fc/:plkUdk7tLKtEmzGaef9bbroKJeq0x6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
httpdebugger_keygen.exe

Files

httpdebugger_keygen.exe
.exe windows:6 windows x64 arch:x64

a5f1b2e9cdd504400188b5ae0d4f09ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

wglDeleteContext
wglGetCurrentDC
wglGetCurrentContext
wglCreateContext
wglShareLists
wglGetProcAddress
wglMakeCurrent

advapi32

RegSetValueExW
RegCreateKeyExW
SystemFunction036
RegCloseKey
RegQueryValueExW

kernel32

LoadLibraryW
GetCurrentThreadId
InitializeSListHead
RtlVirtualUnwind
GlobalFree
GetModuleHandleW
GlobalUnlock
IsDebuggerPresent
HeapReAlloc
GetCurrentProcessId
CreateThread
CloseHandle
GetProcessHeap
HeapAlloc
SetLastError
GetCurrentThread
ReleaseSRWLockExclusive
Sleep
GlobalSize
MultiByteToWideChar
SetThreadErrorMode
LoadLibraryExW
FreeLibrary
GetProcAddress
GlobalAlloc
GetModuleHandleA
TryAcquireSRWLockExclusive
GetStdHandle
GetConsoleMode
WaitForSingleObject
WriteConsoleW
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetCurrentProcess
ReleaseMutex
GetEnvironmentVariableW
RtlLookupFunctionEntry
FormatMessageW
SetThreadStackGuarantee
QueryPerformanceFrequency
GetCurrentDirectoryW
RtlCaptureContext
AcquireSRWLockShared
ReleaseSRWLockShared
AddVectoredExceptionHandler
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
GlobalLock
QueryPerformanceCounter
SwitchToThread
GetSystemTimeAsFileTime
GetVolumeInformationW
lstrlenW
LocalFree
HeapFree
AcquireSRWLockExclusive
IsProcessorFeaturePresent

user32

GetClipCursor
TranslateMessage
ShowCursor
GetMessageW
GetKeyboardState
SystemParametersInfoA
DestroyIcon
DispatchMessageW
CloseClipboard
AdjustWindowRectEx
RedrawWindow
GetMenu
ToUnicodeEx
GetKeyState
GetKeyboardLayout
RegisterWindowMessageA
GetClipboardData
IsClipboardFormatAvailable
GetUpdateRect
ValidateRect
GetRawInputData
RegisterRawInputDevices
IsProcessDPIAware
GetActiveWindow
ChangeDisplaySettingsExW
RegisterTouchWindow
SetForegroundWindow
SendInput
MapVirtualKeyW
GetWindowLongPtrW
GetClassInfoExW
GetClassNameW
GetWindowPlacement
SetWindowLongW
CreateWindowExW
RegisterClassExW
CreateIcon
MapVirtualKeyA
GetMonitorInfoW
MonitorFromRect
MonitorFromWindow
ClientToScreen
GetWindowLongW
DefWindowProcW
CloseTouchInputHandle
GetTouchInputInfo
SetCapture
DestroyWindow
SetWindowLongPtrW
ScreenToClient
TrackMouseEvent
SendMessageW
GetClientRect
MsgWaitForMultipleObjectsEx
LoadCursorW
PostThreadMessageW
PeekMessageW
InvalidateRgn
SetWindowPos
GetWindowRect
ReleaseCapture
GetCursorPos
SetWindowTextW
GetSystemMetrics
SetClipboardData
EmptyClipboard
OpenClipboard
ShowWindow
ClipCursor
SetWindowPlacement
PostMessageW
SetCursor
GetDC

ole32

RevokeDragDrop
CoCreateInstance
OleInitialize
RegisterDragDrop
CoUninitialize
CoInitializeEx

shell32

DragQueryFileW
DragFinish
ShellExecuteW

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmGetContext
ImmSetCandidateWindow
ImmAssociateContextEx

gdi32

DeleteObject
DescribePixelFormat
SwapBuffers
GetDeviceCaps
SetPixelFormat
CreateRectRgn
GetPixelFormat
ChoosePixelFormat

winmm

timeGetDevCaps
timeEndPeriod
timeBeginPeriod

dwmapi

DwmEnableBlurBehindWindow

bcrypt

BCryptGenRandom

uxtheme

SetWindowTheme

vcruntime140

__current_exception_context
__current_exception
__CxxFrameHandler3
__C_specific_handler
_CxxThrowException
memcpy
memmove
memset
memcmp

api-ms-win-crt-math-l1-1-0

floor
trunc
_hypotf
expf
powf
roundf
atan2f
sinf
cosf
acosf
cbrtf
exp2f
ceilf
__setusermatherr
floorf
round

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-runtime-l1-1-0

terminate
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initterm
_seh_filter_exe
_initterm_e
_set_app_type
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
exit
_exit

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 828KB - Virtual size: 827KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5f1b2e9cdd504400188b5ae0d4f09ba

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

advapi32

kernel32

user32

ole32

shell32

imm32

gdi32

winmm

dwmapi

bcrypt

uxtheme

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 828KB - Virtual size: 827KB

.rdata Size: 1.7MB - Virtual size: 1.7MB

.data Size: 2KB - Virtual size: 2KB

.pdata Size: 30KB - Virtual size: 29KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 828KB - Virtual size: 827KB

.rdata
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 2KB - Virtual size: 2KB

.pdata
Size: 30KB - Virtual size: 29KB

.reloc
Size: 3KB - Virtual size: 3KB