HASPHL2007[.]exe[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

HASPHL2007.exe.7z
Size

384KB
MD5

fac81537bde05d977e8fc8d4324fca51
SHA1

b2711020af444212285eb661c449a0d18da06287
SHA256

23dfc057ac4071ecad8681fb81e72a75122d12d40dfa6344689c153a82d14154
SHA512

2da85605f7e039a162dbdf0ab850b297ba3af30cf0ee24361b8f12d45ae9be2d95d3cd3a904f50946634565e6f133dd8c8f896660173599cedcc35a8bfd3d6c4
SSDEEP

12288:XSMHEc9ddxwY12LRgbmKSbGsa45eUOR6/gT:XJHPmY12LROmKCGst1ORfT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HASPHL2007.exe

Files

HASPHL2007.exe.7z
.7z

Password: infected
HASPHL2007.exe
.exe windows:4 windows x86 arch:x86

0d0db416e4e7afef00d6f651715df531

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\MyProjects\Hasp_hl\Exe\Release\HASP_HL'2007.pdb

Imports

kernel32

GetCurrentDirectoryA
GetFileSize
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapSize
SetEndOfFile
GetCPInfo
GetOEMCP
GetACP
GetSystemInfo
VirtualProtect
MultiByteToWideChar
ReadFile
InterlockedExchange
RtlUnwind
SetFilePointer
FlushFileBuffers
SetStdHandle
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapReAlloc
VirtualAlloc
VirtualFree
DeleteFileA
GetSystemDirectoryA
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WriteFile
CloseHandle
DeviceIoControl
VirtualQuery
CreateFileA
GetTickCount
GetCurrentProcessId
GetEnvironmentVariableA
FreeLibrary
LoadLibraryA
GetProcAddress
SetErrorMode
GetModuleHandleA
LocalAlloc
LocalFree
GetVersion
SearchPathA
Sleep
WaitForSingleObject
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
GetLocalTime
GetModuleFileNameA
FindNextFileA
FindClose
FindFirstFileA
lstrlenA
lstrcmpA
GetSystemTime
SystemTimeToFileTime
GetSystemTimeAsFileTime
ExitProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
HeapDestroy
HeapCreate
GetLocaleInfoA

comctl32

ord17

user32

PostQuitMessage
LoadIconA
RegisterClassA
LoadAcceleratorsA
UpdateWindow
TranslateAcceleratorA
SetWindowLongA
GetClientRect
DestroyWindow
CreateDialogParamA
GetWindowLongA
ShowWindow
GetWindowTextA
SendMessageA
PeekMessageA
DispatchMessageA
GetMessageA
TranslateMessage
IsDlgButtonChecked
GetDlgItem
EndDialog
IsWindowEnabled
CreateWindowExA
EnableWindow
CheckRadioButton
MessageBoxA
SetWindowTextA
DefWindowProcA

comdlg32

GetOpenFileNameA

advapi32

RegDeleteKeyA
DeleteService
ControlService
StartServiceA
ChangeServiceConfigA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
QueryServiceConfigA
CloseServiceHandle
CreateServiceA

Sections

.text
Size: 496KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

0d0db416e4e7afef00d6f651715df531

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

comdlg32

advapi32

Sections

.text Size: 496KB - Virtual size: 493KB

_TEXT Size: 4KB - Virtual size: 1KB

CONST Size: 4KB - Virtual size: 32B

.data Size: 44KB - Virtual size: 63KB

_RDATA Size: 12KB - Virtual size: 8KB

.rsrc Size: 260KB - Virtual size: 256KB

.text
Size: 496KB - Virtual size: 493KB

_TEXT
Size: 4KB - Virtual size: 1KB

CONST
Size: 4KB - Virtual size: 32B

.data
Size: 44KB - Virtual size: 63KB

_RDATA
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 260KB - Virtual size: 256KB