hsroexec[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

hsroexec.rar
Size

69.0MB
MD5

17fdc310e06eacc97547113b5576ab73
SHA1

be038217f3a0c3aa36820e058a9fb18ba6439160
SHA256

6ed4bbd774d7cbd1ae12dd26f638590c6932901a04469e6df1934ff1b1b5d7a8
SHA512

b09cd201d208b0279b42b74401a9cb6b55053fbefea3bd4427d2fd9e7aa3fae9b1573c6a7bdf7fd56358a8558f0ec8cd13378b1e14dee99b02a79e14fd414471
SSDEEP

1572864:EwwjutSo/SicG4e7872A8krEgvsyBElmuMh067ZYqJIw:Ewwj3o/Sia6858krzElmuM5JJIw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/hsroexec/x64/Release/executor-hsro/bigasghyg1283otduygf.bin

Files

hsroexec.rar
.rar
hsroexec/.vs/hsro-executor/FileContentIndex/2746d73a-7079-48e1-9df8-27c10068997c.vsidx
hsroexec/.vs/hsro-executor/FileContentIndex/ba1df9f0-38a1-4531-a941-c0d00a0b31d1.vsidx
hsroexec/.vs/hsro-executor/v16/.suo
hsroexec/.vs/hsro-executor/v16/Browse.VC.db
hsroexec/.vs/hsro-executor/v17/.suo
hsroexec/.vs/hsro-executor/v17/Browse.VC.db
hsroexec/.vs/hsro-executor/v17/DocumentLayout.json
hsroexec/.vs/hsro-executor/v17/Solution.VC.db
hsroexec/.vs/hsro-executor/v17/ipch/AutoPCH/7abfb76940bdf613/DLLMAIN.ipch
hsroexec/.vs/hsro-executor/v17/ipch/AutoPCH/cce5615559051659/LUA_CMSGPACK.ipch
hsroexec/.vs/hsro-executor/v17/ipch/AutoPCH/d51663a4491a286/FXLUACONTEXT.ipch
hsroexec/.vs/hsro-executor/v17/ipch/AutoPCH/f50558bc7162145/MAIN.ipch
hsroexec/FiveM-NativeInvoker/FiveM-NativeInvoker.vcxproj
.xml
hsroexec/FiveM-NativeInvoker/FiveM-NativeInvoker.vcxproj.filters
hsroexec/FiveM-NativeInvoker/FiveM-NativeInvoker.vcxproj.user
hsroexec/FiveM-NativeInvoker/LuaEnviroment.cpp
.js
hsroexec/FiveM-NativeInvoker/LuaEnviroment.h
hsroexec/FiveM-NativeInvoker/ResultCleaners.h
hsroexec/FiveM-NativeInvoker/RpcConfiguration.cpp
hsroexec/FiveM-NativeInvoker/RpcConfiguration.h
hsroexec/FiveM-NativeInvoker/Utils.h
hsroexec/FiveM-NativeInvoker/c-nativelist.h
hsroexec/FiveM-NativeInvoker/dllmain.cpp
hsroexec/FiveM-NativeInvoker/dllmain.h
hsroexec/FiveM-NativeInvoker/fx.h
hsroexec/FiveM-NativeInvoker/fxLuaContext.h
.js
hsroexec/FiveM-NativeInvoker/icons.h
hsroexec/FiveM-NativeInvoker/logger.hpp
hsroexec/FiveM-NativeInvoker/main.cpp
hsroexec/FiveM-NativeInvoker/nativeinvoker.cpp
.js
hsroexec/FiveM-NativeInvoker/nativeinvoker.h
hsroexec/FiveM-NativeInvoker/net.cpp
hsroexec/FiveM-NativeInvoker/net.h
hsroexec/FiveM-NativeInvoker/x64/Debug/FiveM-NativeInvoker.log
hsroexec/FiveM-NativeInvoker/x64/Release/FiveM-NativeInvoker.log
hsroexec/FiveM-NativeInvoker/x64/Release/executor-hsro.tlog/CL.command.1.tlog
hsroexec/FiveM-NativeInvoker/x64/Release/executor-hsro.tlog/CL.read.1.tlog
hsroexec/FiveM-NativeInvoker/x64/Release/executor-hsro.tlog/CL.write.1.tlog
hsroexec/FiveM-NativeInvoker/x64/Release/executor-hsro.tlog/executor-hsro.lastbuildstate
hsroexec/FiveM-NativeInvoker/x64/Release/hsroexecutor.dll.recipe
hsroexec/FiveM-NativeInvoker/x64/Release/lapi.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lapi.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lauxlib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lauxlib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lbaselib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lbaselib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lbitlib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lbitlib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lcode.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lcode.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lcorolib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lcorolib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lctype.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lctype.obj
hsroexec/FiveM-NativeInvoker/x64/Release/ldblib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/ldblib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/ldebug.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/ldebug.obj
hsroexec/FiveM-NativeInvoker/x64/Release/ldo.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/ldo.obj
hsroexec/FiveM-NativeInvoker/x64/Release/ldump.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/ldump.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lfunc.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lfunc.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lgc.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lgc.obj
hsroexec/FiveM-NativeInvoker/x64/Release/linit.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/linit.obj
hsroexec/FiveM-NativeInvoker/x64/Release/liolib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/liolib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/llex.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/llex.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lmathlib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lmathlib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lmem.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lmem.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof_collections.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof_collections.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof_lib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof_lib.obj
.js
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof_record.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof_record.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof_report.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lmprof_report.obj
hsroexec/FiveM-NativeInvoker/x64/Release/loadlib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/loadlib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lobject.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lobject.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lopcodes.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lopcodes.obj
hsroexec/FiveM-NativeInvoker/x64/Release/loslib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/loslib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lparser.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lparser.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lstate.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lstate.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lstring.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lstring.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lstrlib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lstrlib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/ltable.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/ltable.obj
hsroexec/FiveM-NativeInvoker/x64/Release/ltablib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/ltablib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/ltm.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/ltm.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lua.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lua.obj
hsroexec/FiveM-NativeInvoker/x64/Release/luac.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/luac.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lundump.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lundump.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lutf8lib.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lutf8lib.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lvm.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lvm.obj
hsroexec/FiveM-NativeInvoker/x64/Release/lzio.nativecodeanalysis.sarif
hsroexec/FiveM-NativeInvoker/x64/Release/lzio.obj
hsroexec/FiveM-NativeInvoker/x64/Release/vc143.pdb
hsroexec/FiveM-NativeInvoker/x64/Release/vcpkg.applocal.log
hsroexec/LuaSystemFiles/alokasmenu.lua
hsroexec/LuaSystemFiles/deferred.lua
.js
hsroexec/LuaSystemFiles/natives_universal.lua
.js
hsroexec/LuaSystemFiles/scheduler.lua
.js
hsroexec/LuaSystemFiles/test.lua
hsroexec/hsro-executor.sln
hsroexec/imgui.ini
hsroexec/include/document.h
hsroexec/include/json.hpp
hsroexec/include/lmprof/collections/lmprof_collections.c
hsroexec/include/lmprof/collections/lmprof_hash.h
hsroexec/include/lmprof/collections/lmprof_record.c
hsroexec/include/lmprof/collections/lmprof_record.h
hsroexec/include/lmprof/collections/lmprof_stack.h
hsroexec/include/lmprof/collections/lmprof_traceevent.h
hsroexec/include/lmprof/lmprof.c
hsroexec/include/lmprof/lmprof.h
hsroexec/include/lmprof/lmprof_conf.h
hsroexec/include/lmprof/lmprof_lib.c
.js
hsroexec/include/lmprof/lmprof_lib.h
hsroexec/include/lmprof/lmprof_report.c
hsroexec/include/lmprof/lmprof_report.h
hsroexec/include/lmprof/lmprof_state.h
hsroexec/include/lua-cmsgpack/compat.lua
.js
hsroexec/include/lua-cmsgpack/lua_cmsgpack.c
hsroexec/include/lua-cmsgpack/lua_cmsgpack.h
.js
hsroexec/include/lua-cmsgpack/lua_cmsgpacklib.h
.js
hsroexec/include/lua-cmsgpack/pack_template_ext.h
hsroexec/include/lua-rapidjson/StringStream.hpp
hsroexec/include/lua-rapidjson/compat.lua
hsroexec/include/lua-rapidjson/compat_clzll.h
hsroexec/include/lua-rapidjson/lua_rapidjson.cpp
.js
hsroexec/include/lua-rapidjson/lua_rapidjson.hpp
hsroexec/include/lua-rapidjson/lua_rapidjsonlib.h
hsroexec/include/lua-rapidjson/reader_dkcompat.hpp
hsroexec/include/lua/lapi.c
hsroexec/include/lua/lapi.h
hsroexec/include/lua/lauxlib.c
hsroexec/include/lua/lauxlib.h
hsroexec/include/lua/lbaselib.c
hsroexec/include/lua/lbitlib.c
hsroexec/include/lua/lcode.c
hsroexec/include/lua/lcode.h
hsroexec/include/lua/lcorolib.c
hsroexec/include/lua/lctype.c
hsroexec/include/lua/lctype.h
hsroexec/include/lua/ldblib.c
hsroexec/include/lua/ldebug.c
hsroexec/include/lua/ldebug.h
hsroexec/include/lua/ldo.c
.js
hsroexec/include/lua/ldo.h
hsroexec/include/lua/ldump.c
hsroexec/include/lua/lfunc.c
hsroexec/include/lua/lfunc.h
hsroexec/include/lua/lgc.c
hsroexec/include/lua/lgc.h
hsroexec/include/lua/linit.c
hsroexec/include/lua/liolib.c
hsroexec/include/lua/llex.c
hsroexec/include/lua/llex.h
hsroexec/include/lua/llimits.h
hsroexec/include/lua/lmathlib.c
hsroexec/include/lua/lmem.c
hsroexec/include/lua/lmem.h
hsroexec/include/lua/loadlib.c
hsroexec/include/lua/lobject.c
hsroexec/include/lua/lobject.h
hsroexec/include/lua/lopcodes.c
hsroexec/include/lua/lopcodes.h
hsroexec/include/lua/loslib.c
hsroexec/include/lua/lparser.c
hsroexec/include/lua/lparser.h
hsroexec/include/lua/lprefix.h
hsroexec/include/lua/lstate.c
hsroexec/include/lua/lstate.h
hsroexec/include/lua/lstring.c
hsroexec/include/lua/lstring.h
hsroexec/include/lua/lstrlib.c
hsroexec/include/lua/ltable.c
hsroexec/include/lua/ltable.h
hsroexec/include/lua/ltablib.c
hsroexec/include/lua/ltm.c
hsroexec/include/lua/ltm.h
hsroexec/include/lua/lua.c
hsroexec/include/lua/lua.h
hsroexec/include/lua/lua.hpp
hsroexec/include/lua/luac.c
hsroexec/include/lua/luaconf.h
hsroexec/include/lua/lualib.h
hsroexec/include/lua/lundump.c
hsroexec/include/lua/lundump.h
hsroexec/include/lua/lutf8lib.c
hsroexec/include/lua/lvm.c
hsroexec/include/lua/lvm.h
hsroexec/include/lua/lzio.c
hsroexec/include/lua/lzio.h
hsroexec/include/pack.h
hsroexec/vcpkg.bat
hsroexec/x64/Release/executor-hsro/bigasghyg1283otduygf.bin
.dll windows:6 windows x64 arch:x64

3b4a6446715b01fbeff1e01dc35e437c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameA
LoadLibraryExA
GetLastError
GetProcAddress
FreeLibrary
FormatMessageA
FreeLibraryAndExitThread
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
CloseHandle
CreateThread
SetConsoleTextAttribute
GetModuleHandleW
SetConsoleTitleA
SetConsoleScreenBufferSize
GetStdHandle
SetConsoleWindowInfo
GetModuleHandleA
AttachConsole
GetCurrentProcessId
GetConsoleWindow
SetConsoleOutputCP
GetCurrentThreadId
SetEndOfFile
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleW
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
Sleep
GetCurrentProcess
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualProtect
Thread32First
Thread32Next
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
TryAcquireSRWLockExclusive
WideCharToMultiByte
RtlPcToFileHeader
RaiseException
MultiByteToWideChar
GetTempPathW
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlUnwindEx
InterlockedFlushSList
SetLastError
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
DuplicateHandle
CreateProcessW
ReadFile
ExitProcess
GetModuleHandleExW
ExitThread
GetConsoleCP
SetStdHandle
GetFileType
GetModuleFileNameW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetFileSizeEx
SetFilePointerEx
WaitForSingleObject
GetExitCodeProcess
GetFileAttributesExW
CreatePipe
CreateFileW
DeleteFileW
GetTimeZoneInformation
MoveFileExW
SetConsoleMode
ReadConsoleInputW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW

user32

SetLayeredWindowAttributes
SetWindowLongW
SetWindowPos
GetWindowLongW

Exports

Exports

msgpack_unpack
msgpack_unpack_next
msgpack_unpacker_data
msgpack_unpacker_destroy
msgpack_unpacker_execute
msgpack_unpacker_expand_buffer
msgpack_unpacker_flush_zone
msgpack_unpacker_free
msgpack_unpacker_init
msgpack_unpacker_new
msgpack_unpacker_next
msgpack_unpacker_next_with_size
msgpack_unpacker_release_zone
msgpack_unpacker_reset
msgpack_unpacker_reset_zone
msgpack_zone_clear
msgpack_zone_destroy
msgpack_zone_free
msgpack_zone_init
msgpack_zone_is_empty
msgpack_zone_malloc_expand
msgpack_zone_new

Sections

.text
Size: 906KB - Virtual size: 906KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hsroexec/x64/Release/executor-hsro/hsro.lua
hsroexec/x64/Release/executor-hsro/hsroexecutor.exp
hsroexec/x64/Release/executor-hsro/hsroexecutor.lib

Sharing

General

Malware Config

Signatures

Files

3b4a6446715b01fbeff1e01dc35e437c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 906KB - Virtual size: 906KB

.rdata Size: 195KB - Virtual size: 195KB

.data Size: 10KB - Virtual size: 22KB

.pdata Size: 41KB - Virtual size: 41KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 906KB - Virtual size: 906KB

.rdata
Size: 195KB - Virtual size: 195KB

.data
Size: 10KB - Virtual size: 22KB

.pdata
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 5KB - Virtual size: 4KB