D:\WorkStation\Project\HPS\Client\bin\Release\HPS.pdb
Static task
static1
Behavioral task
behavioral1
Sample
63a380d19911f05f5ee6c7bb5b0b4d868b9b030cc3d23de7ce77f5e633abd65d.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
63a380d19911f05f5ee6c7bb5b0b4d868b9b030cc3d23de7ce77f5e633abd65d.exe
Resource
win10v2004-20240802-en
General
-
Target
63a380d19911f05f5ee6c7bb5b0b4d868b9b030cc3d23de7ce77f5e633abd65d
-
Size
10.3MB
-
MD5
0d4797a905b2299bd0baf32dbe745c89
-
SHA1
e8d3a846b1ef665aa408b845ce18c39990446f05
-
SHA256
63a380d19911f05f5ee6c7bb5b0b4d868b9b030cc3d23de7ce77f5e633abd65d
-
SHA512
1492b95a6fa570d34ee1ed95c66979ab01e9d72437aa33ae1665809cf956b073140abe78073f57954417ce6353512afd03c50a8f52379687e7e632bb15d60a55
-
SSDEEP
196608:hMNNSOncajPsfJRbv+lB704OgFqOOcJ5nHV7er8Htjby15fx31LT/5Pe:hMNNtjPEJclX/GEHor8HtHy15J31H/5W
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 63a380d19911f05f5ee6c7bb5b0b4d868b9b030cc3d23de7ce77f5e633abd65d
Files
-
63a380d19911f05f5ee6c7bb5b0b4d868b9b030cc3d23de7ce77f5e633abd65d.exe windows:5 windows x86 arch:x86
4e9869ccb140225bfb1dd89f20a2cad5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
AttachConsole
GetStdHandle
WriteConsoleA
WriteConsoleW
FillConsoleOutputCharacterW
SetConsoleCursorPosition
GlobalSize
GlobalHandle
SetFilePointer
CreateFileMappingW
FlushViewOfFile
OutputDebugStringA
UnlockFileEx
UnlockFile
SystemTimeToFileTime
SetEndOfFile
QueryPerformanceCounter
LockFileEx
LockFile
HeapCompact
HeapValidate
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
GetTempPathA
GetSystemTime
GetFullPathNameW
GetFullPathNameA
GetFileAttributesExW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
FormatMessageA
FlushFileBuffers
AreFileApisANSI
GetEnvironmentVariableA
OpenEventA
FreeConsole
GetLogicalDriveStringsW
QueryPerformanceFrequency
CreateWaitableTimerA
GlobalUnlock
GetFileInformationByHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetConsoleScreenBufferInfo
SetEnvironmentVariableA
GetDriveTypeW
GetCurrentDirectoryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetHandleCount
GetOEMCP
IsProcessorFeaturePresent
UnhandledExceptionFilter
CompareStringW
LCMapStringW
SetFileAttributesA
CreateDirectoryA
GetDriveTypeA
FindFirstFileExA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeZoneInformation
RemoveDirectoryW
MoveFileW
GetDateFormatW
GetTimeFormatW
GetConsoleMode
GetConsoleCP
SetStdHandle
ExitThread
RtlUnwind
GetCommandLineA
GetDateFormatA
GetTimeFormatA
MoveFileA
GetStringTypeW
DecodePointer
EncodePointer
GlobalLock
GlobalFree
GlobalAlloc
MulDiv
IsBadStringPtrA
IsBadReadPtr
ExpandEnvironmentStringsW
GetCommandLineW
SetLastError
SetHandleInformation
GetExitCodeProcess
SetEnvironmentVariableW
ReadConsoleOutputCharacterA
SetNamedPipeHandleState
PeekNamedPipe
CreateEventW
WriteFile
GetLocaleInfoW
GetACP
LoadResource
LockResource
SizeofResource
TerminateProcess
GetComputerNameW
GetProfileStringW
IsValidCodePage
GetCPInfo
GetEnvironmentVariableW
FindResourceW
FormatMessageW
SetCurrentDirectoryW
CopyFileW
GetFileType
GetTempFileNameW
GetFileSize
SetFileTime
GetTempPathW
GetLongPathNameW
GetExitCodeThread
GetCurrentThread
TlsGetValue
ResumeThread
SetThreadPriority
ExitProcess
TlsSetValue
ReleaseSemaphore
CreateSemaphoreW
CreateMutexW
RaiseException
TryEnterCriticalSection
InitializeCriticalSection
SetErrorMode
GetModuleFileNameA
OpenMutexA
DuplicateHandle
GetModuleHandleA
CreateSemaphoreA
GetTickCount
WaitForSingleObjectEx
TlsFree
TlsAlloc
DeleteCriticalSection
CreateIoCompletionPort
WaitForMultipleObjects
PostQueuedCompletionStatus
InterlockedExchangeAdd
EnterCriticalSection
QueueUserAPC
InterlockedExchange
VerifyVersionInfoW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TerminateThread
InterlockedCompareExchange
GetQueuedCompletionStatus
SetWaitableTimer
DeviceIoControl
LoadLibraryA
WritePrivateProfileStringW
MultiByteToWideChar
GetFileAttributesA
GetVersionExW
WideCharToMultiByte
GetProcessHeap
HeapFree
VerSetConditionMask
HeapAlloc
CreateFileA
WTSGetActiveConsoleSessionId
ProcessIdToSessionId
GetComputerNameExW
DeleteFileA
CreateToolhelp32Snapshot
Process32NextW
GetSystemInfo
Process32FirstW
GetProcessTimes
GetSystemTimes
GetSystemTimeAsFileTime
LocalFree
GetVersionExA
CreatePipe
GlobalMemoryStatusEx
LocalAlloc
GetStartupInfoA
GetPrivateProfileIntW
GetStartupInfoW
GetSystemDirectoryA
ReadFile
OpenProcess
CreateProcessW
GetNativeSystemInfo
FindNextFileA
WritePrivateProfileStringA
FindFirstFileA
GetPrivateProfileIntA
GetPrivateProfileStringW
InterlockedIncrement
CreateFileMappingA
CreateProcessA
UnmapViewOfFile
MapViewOfFile
CreateThread
ReleaseMutex
CreateMutexA
ResetEvent
Sleep
CreateEventA
SetEvent
WaitForSingleObject
WinExec
InterlockedDecrement
GetCurrentProcessId
DeleteFileW
CloseHandle
GetCurrentThreadId
GetFileTime
FindNextFileW
IsDebuggerPresent
HeapSetInformation
GetLocalTime
FindClose
GetProcAddress
GetLastError
CreateFileW
GetModuleFileNameW
GetFileAttributesW
LoadLibraryW
GetModuleHandleW
OutputDebugStringW
CreateDirectoryW
GetCurrentProcess
SetUnhandledExceptionFilter
FreeLibrary
WaitForMultipleObjectsEx
FindFirstFileW
user32
MessageBoxA
wsprintfW
IsClipboardFormatAvailable
EnumDisplayMonitors
EnumDisplaySettingsW
ChangeDisplaySettingsExW
MonitorFromPoint
AdjustWindowRectEx
ShowCursor
SetMenu
NotifyWinEvent
ChildWindowFromPoint
GetWindowDC
EndPaint
BeginPaint
ValidateRect
ValidateRgn
TranslateAcceleratorW
CreateAcceleratorTableW
DestroyAcceleratorTable
RegisterClipboardFormatW
GetClipboardFormatNameW
GetWindowTextW
GetClassNameW
MessageBeep
RegisterWindowMessageW
GetProcessDefaultLayout
GetDesktopWindow
DrawEdge
DrawFrameControl
CheckMenuRadioItem
CheckMenuItem
GetSysColorBrush
GetMenuItemID
FindWindowExW
DrawIconEx
UnionRect
GetWindowThreadProcessId
SetWindowPos
SetWindowLongW
EnumWindows
SetForegroundWindow
IsRectEmpty
GetClassInfoW
CreateMenu
AppendMenuW
ModifyMenuW
RemoveMenu
InsertMenuItemW
SetMenuInfo
InsertMenuW
CreatePopupMenu
SetMenuItemInfoW
GetSubMenu
DestroyMenu
GetMenuState
DestroyCursor
DestroyIcon
GetComboBoxInfo
GetDoubleClickTime
GetCaretBlinkTime
SetWindowRgn
LoadImageW
ShowWindow
PostQuitMessage
PostMessageA
FindWindowW
PostMessageW
MessageBoxW
PostThreadMessageW
CreateWindowExW
BringWindowToTop
RegisterClassW
DdeFreeStringHandle
DdeUninitialize
DdeQueryStringW
DdeFreeDataHandle
DdeGetData
LoadBitmapW
LoadIconW
GetDlgItem
CreateDialogParamW
DeferWindowPos
PtInRect
UnregisterHotKey
RegisterHotKey
SetWindowsHookExW
GetMenuItemCount
GetMenuItemInfoW
EndDeferWindowPos
BeginDeferWindowPos
MapWindowPoints
GetUpdateRgn
UpdateWindow
SetCursorPos
ReleaseCapture
AnimateWindow
SetFocus
GetClientRect
UnhookWindowsHookEx
IsWindow
CallNextHookEx
InvalidateRect
CallWindowProcW
TrackPopupMenu
GetCapture
ChildWindowFromPointEx
GetWindow
GetActiveWindow
GetMessageTime
IsWindowVisible
IsDialogMessageW
RedrawWindow
SetParent
WindowFromPoint
ScrollWindow
EnableScrollBar
SetScrollInfo
DdeCreateDataHandle
DdeGetLastError
DdeInitializeW
DdeDisconnect
GetScrollInfo
SetCapture
EnableWindow
GetSystemMetrics
GetAsyncKeyState
VkKeyScanW
MapVirtualKeyW
TranslateMessage
ClientToScreen
ScreenToClient
GetCursorPos
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
IsMenu
GetFocus
keybd_event
SystemParametersInfoW
HideCaret
GetWindowTextLengthW
GetKeyState
SetRect
IsWindowEnabled
SetRectEmpty
OffsetRect
DrawStateW
DdeClientTransaction
DdeCreateStringHandleW
DdeNameService
DdeConnect
DdePostAdvise
DefWindowProcW
DestroyWindow
SendMessageW
PeekMessageW
WaitForInputIdle
UnregisterClassW
MsgWaitForMultipleObjects
DispatchMessageW
KillTimer
SetTimer
SetCursor
LoadCursorW
GetDC
ReleaseDC
GetIconInfo
CreateIconIndirect
GetWindowLongW
DrawTextW
GetWindowRect
CopyRect
InflateRect
GetSystemMenu
GetParent
DrawFocusRect
GetSysColor
FillRect
IsZoomed
IsIconic
FlashWindowEx
SetLayeredWindowAttributes
MoveWindow
SetWindowTextW
CreateDialogIndirectParamW
GetDialogBaseUnits
GetWindowPlacement
DrawMenuBar
EnableMenuItem
GetMessageW
gdi32
EndPage
StartPage
EndDoc
StartDocW
CreateSolidBrush
GetDeviceCaps
GetTextMetricsW
RealizePalette
SelectPalette
GdiFlush
CreateRectRgn
SetBrushOrgEx
ExcludeClipRect
CreateFontIndirectW
GetOutlineTextMetricsW
SetAbortProc
ExtCreateRegion
GetRegionData
GetStockObject
StretchBlt
SetStretchBltMode
CreateICW
GetTextExtentPoint32W
ExtFloodFill
CreatePatternBrush
GetLayout
SetLayout
SetPolyFillMode
GetClipBox
SetROP2
SetGraphicsMode
ModifyWorldTransform
GetPixel
SetPixel
Polyline
PolyBezier
SetWindowOrgEx
SetWindowExtEx
SetViewportExtEx
SetMapMode
LPtoDP
EnumFontFamiliesExW
CloseEnhMetaFile
PlayEnhMetaFile
CreateEnhMetaFileW
GetEnhMetaFileHeader
DeleteEnhMetaFile
GetGraphicsMode
GetEnhMetaFileW
SetViewportOrgEx
CreateDCW
GetSystemPaletteEntries
GetTextExtentExPointW
GetCharABCWidthsW
PtInRegion
EqualRgn
GetRgnBox
GetBkColor
MoveToEx
LineTo
RectInRegion
CreateRectRgnIndirect
CombineRgn
GetNearestPaletteIndex
GetPaletteEntries
SetDIBColorTable
CreatePalette
CreateDIBitmap
GetObjectW
CreateCompatibleDC
DeleteDC
SelectObject
DeleteObject
BitBlt
CreateCompatibleBitmap
CreateBitmap
SetBkColor
CreateBitmapIndirect
SetBkMode
SetTextColor
GetWindowExtEx
OffsetRgn
GetDIBColorTable
DPtoLP
SelectClipRgn
GetObjectType
ExtSelectClipRgn
CreatePolygonRgn
ExtTextOutW
SetWorldTransform
GetWorldTransform
Arc
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
Ellipse
MaskBlt
StretchDIBits
CreateHatchBrush
ExtCreatePen
CreatePen
CreateDIBSection
GetViewportExtEx
GetDIBits
comdlg32
GetOpenFileNameW
PageSetupDlgW
PrintDlgW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetPrinterW
shell32
ExtractIconW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
Shell_NotifyIconW
DragQueryFileW
SHGetFolderPathW
DragQueryPoint
DragFinish
ShellExecuteExW
ord6
SHGetFileInfoW
ShellExecuteW
ShellExecuteA
ExtractIconExW
DragAcceptFiles
CommandLineToArgvW
SHFileOperationW
shlwapi
SHAutoComplete
AssocQueryStringW
ole32
ReleaseStgMedium
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
DoDragDrop
CoLockObjectExternal
OleUninitialize
CoTaskMemAlloc
RegisterDragDrop
RevokeDragDrop
CoTaskMemFree
CoCreateInstance
OleInitialize
oleaut32
SafeArrayUnlock
SafeArrayLock
SafeArrayGetVartype
SafeArrayDestroy
SystemTimeToVariantTime
VarBstrFromCy
SysStringLen
SafeArrayCreate
SysFreeString
VariantInit
SysAllocString
advapi32
SystemFunction036
CloseServiceHandle
OpenSCManagerW
EnumServicesStatusA
QueryServiceConfigA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
LookupAccountSidA
GetUserNameW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
OpenServiceA
comctl32
ImageList_Copy
ImageList_Add
ord16
ord17
ImageList_Destroy
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_Create
ImageList_Replace
ImageList_Remove
ImageList_Draw
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
rpcrt4
RpcStringFreeW
UuidToStringW
wsock32
__WSAFDIsSet
socket
send
recv
WSACleanup
shutdown
connect
getsockopt
inet_ntoa
select
WSAGetLastError
setsockopt
bind
WSASetLastError
closesocket
listen
accept
ntohl
htonl
htons
ntohs
WSAStartup
getpeername
oleacc
CreateStdAccessibleObject
LresultFromObject
uxtheme
IsThemeActive
IsAppThemed
IsThemePartDefined
GetThemeFont
CloseThemeData
OpenThemeData
GetThemeMargins
DrawThemeBackground
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemeColor
GetThemeBackgroundContentRect
GetThemePartSize
GetThemeInt
GetThemeSysFont
GetThemeSysColor
GetCurrentThemeName
GetThemeBackgroundExtent
SetWindowTheme
ws2_32
getnameinfo
WSAStringToAddressA
getaddrinfo
freeaddrinfo
WSASend
WSARecv
WSASocketW
WSCEnumProtocols
iphlpapi
GetAdaptersInfo
psapi
GetDeviceDriverFileNameA
GetModuleFileNameExA
EnumProcessModules
GetDeviceDriverBaseNameA
EnumDeviceDrivers
EnumProcesses
pdh
PdhAddCounterA
PdhOpenQueryA
PdhCloseQuery
PdhGetFormattedCounterValue
PdhRemoveCounter
PdhCollectQueryData
netapi32
NetApiBufferFree
NetUserGetInfo
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationA
msimg32
GradientFill
AlphaBlend
Exports
?Request@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@00I@Z
?Request@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
_cJSON_AddArrayToObject@8
_cJSON_AddBoolToObject@12
_cJSON_AddFalseToObject@8
_cJSON_AddItemReferenceToArray@8
_cJSON_AddItemReferenceToObject@12
_cJSON_AddItemToArray@8
_cJSON_AddItemToObject@12
_cJSON_AddItemToObjectCS@12
_cJSON_AddNullToObject@8
_cJSON_AddNumberToObject@16
_cJSON_AddObjectToObject@8
_cJSON_AddRawToObject@12
_cJSON_AddStringToObject@12
_cJSON_AddTrueToObject@8
_cJSON_Compare@12
_cJSON_CreateArray@0
_cJSON_CreateArrayReference@4
_cJSON_CreateBool@4
_cJSON_CreateDoubleArray@8
_cJSON_CreateFalse@0
_cJSON_CreateFloatArray@8
_cJSON_CreateIntArray@8
_cJSON_CreateNull@0
_cJSON_CreateNumber@8
_cJSON_CreateObject@0
_cJSON_CreateObjectReference@4
_cJSON_CreateRaw@4
_cJSON_CreateString@4
_cJSON_CreateStringArray@8
_cJSON_CreateStringReference@4
_cJSON_CreateTrue@0
_cJSON_Delete@4
_cJSON_DeleteItemFromArray@8
_cJSON_DeleteItemFromObject@8
_cJSON_DeleteItemFromObjectCaseSensitive@8
_cJSON_DetachItemFromArray@8
_cJSON_DetachItemFromObject@8
_cJSON_DetachItemFromObjectCaseSensitive@8
_cJSON_DetachItemViaPointer@8
_cJSON_Duplicate@8
_cJSON_GetArrayItem@8
_cJSON_GetArraySize@4
_cJSON_GetErrorPtr@0
_cJSON_GetNumberValue@4
_cJSON_GetObjectItem@8
_cJSON_GetObjectItemCaseSensitive@8
_cJSON_GetStringValue@4
_cJSON_HasObjectItem@8
_cJSON_InitHooks@4
_cJSON_InsertItemInArray@12
_cJSON_IsArray@4
_cJSON_IsBool@4
_cJSON_IsFalse@4
_cJSON_IsInvalid@4
_cJSON_IsNull@4
_cJSON_IsNumber@4
_cJSON_IsObject@4
_cJSON_IsRaw@4
_cJSON_IsString@4
_cJSON_IsTrue@4
_cJSON_Minify@4
_cJSON_Parse@4
_cJSON_ParseWithLength@8
_cJSON_ParseWithLengthOpts@16
_cJSON_ParseWithOpts@12
_cJSON_Print@4
_cJSON_PrintBuffered@12
_cJSON_PrintPreallocated@16
_cJSON_PrintUnformatted@4
_cJSON_ReplaceItemInArray@12
_cJSON_ReplaceItemInObject@12
_cJSON_ReplaceItemInObjectCaseSensitive@12
_cJSON_ReplaceItemViaPointer@12
_cJSON_SetNumberHelper@12
_cJSON_SetValuestring@8
_cJSON_Version@0
_cJSON_free@4
_cJSON_malloc@4
pcre2_code_copy_16
pcre2_code_copy_with_tables_16
pcre2_code_free_16
pcre2_compile_16
pcre2_compile_context_copy_16
pcre2_compile_context_create_16
pcre2_compile_context_free_16
pcre2_config_16
pcre2_convert_context_copy_16
pcre2_convert_context_create_16
pcre2_convert_context_free_16
pcre2_general_context_copy_16
pcre2_general_context_create_16
pcre2_general_context_free_16
pcre2_get_error_message_16
pcre2_get_mark_16
pcre2_get_match_data_size_16
pcre2_get_ovector_count_16
pcre2_get_ovector_pointer_16
pcre2_get_startchar_16
pcre2_jit_compile_16
pcre2_jit_free_unused_memory_16
pcre2_jit_match_16
pcre2_jit_stack_assign_16
pcre2_jit_stack_create_16
pcre2_jit_stack_free_16
pcre2_match_16
pcre2_match_context_copy_16
pcre2_match_context_create_16
pcre2_match_context_free_16
pcre2_match_data_create_16
pcre2_match_data_create_from_pattern_16
pcre2_match_data_free_16
pcre2_set_bsr_16
pcre2_set_callout_16
pcre2_set_character_tables_16
pcre2_set_compile_extra_options_16
pcre2_set_compile_recursion_guard_16
pcre2_set_depth_limit_16
pcre2_set_glob_escape_16
pcre2_set_glob_separator_16
pcre2_set_heap_limit_16
pcre2_set_match_limit_16
pcre2_set_max_pattern_length_16
pcre2_set_newline_16
pcre2_set_offset_limit_16
pcre2_set_parens_nest_limit_16
pcre2_set_recursion_limit_16
pcre2_set_recursion_memory_management_16
pcre2_set_substitute_callout_16
sqlite3_carray_init
sqlite3_csv_init
sqlite3_fileio_init
sqlite3_regexp_init
sqlite3_series_init
sqlite3_shathree_init
sqlite3_uuid_init
Sections
.text Size: 6.3MB - Virtual size: 6.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 120KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 643KB - Virtual size: 642KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ