SHA256: 3c9806f8e132917ef85512505fadaca733e5523c271dd2e2a6925ddb9c3d0df0
File name: hoic2.1.exe
Detection ratio: 25 / 46
Analysis date: 2013-05-14 14:47:05 UTC
Ikarus: not-a-virus.Hacktool.HOIC
K7AntiVirus: Hacktool
VBA32: Hacktool.DDoSer.2321
McAfee: -
AV: -
"not-a-virus.Hacktool.HOIC"
Additional Information:
ssdeep: 49152:XKgsEyTPOoMjJWPDYtoAoB81BE7nNeHhkD9d5VGokmPh2U69mNGkpETUPSGvVuWs:TsEaQWrYtlKheZmq9ANP61tmf
TrID:
InstallShield setup (29.4%)
Win32 EXE PECompact compressed (generic) (28.4%)
Win32 Executable MS Visual C++ (generic) (21.3%)
Windows Screen Saver (8.9%)
Win32 Dynamic Link Library (generic) (4.5%)
ExifTool:
SubsystemVersion: 4.0
LinkerVersion: 8.0
ImageVersion: 0.0
FileSubtype: 0
FileVersionNumber: 1.0.0.0
UninitializedDataSize: 0
LanguageCode: English (U.S.)
FileFlagsMask: 0x003f
CharacterSet: Unicode
InitializedDataSize: 679936
FileOS: Win32
Country:
MIMEType: application/octet-stream
LegalCopyright:
FileVersion: 1.0.0.0
TimeStamp: 2008:02:06 17:58:42+00:00
FileType: Win32 EXE
PEType: PE32
InternalName:
FileAccessDate: 2013:05:14 15:46:59+01:00
ProductVersion:
FileDescription:
Release: Development
OSVersion: 4.0
FileCreateDate: 2013:05:14 15:46:59+01:00
OriginalFilename: hoic.exe
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
CompanyName:
CodeSize: 1474560
ProductName:
ProductVersionNumber: 1.0.0.0
EntryPoint: 0x15582f
ObjectFileType: Executable application
Portable Executable structural information
Compilation timedatestamp: 2008-02-06 17:58:42
Target machine: Intel 386 or later processors and compatible processors
Entry point address: 0x0015582F

PE Sections:
Name    Virtual Address  Virtual Size  Raw Size  Entropy  MD5
.text   4096             1472181       1474560   6.63     3ed7acfe70b41f6553a6ab207dc3b595
.rdata  1478656          216654        217088    6.10     cbf161d8a00f96c4e1b9e3ed8d194750
.data   1695744          430624        278528    2.09     cd66d1511bb815a3b68d4e63fc5a7c9d
.rsrc   2129920          27256         28672     4.30     f0ec48234dc728252789002f974c8652

PE Imports:
[[COMDLG32.dll]] PrintDlgA, ChooseColorA, GetSaveFileNameW, PageSetupDlgA, GetOpenFileNameW
[[VERSION.dll]] VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
[[WINMM.dll]] mciSendStringA, midiOutShortMsg, mciSendStringW, midiOutOpen, midiOutClose
[[GDI32.dll]] GetEnhMetaFileA, GetTextMetricsW, SetMapMode, GetSystemPaletteEntries, Polygon, CreateDIBSection, CreatePen, CreateFontIndirectA, GetTextMetricsA, CombineRgn, SetStretchBltMode, DeleteEnhMetaFile, GetPixel, Rectangle, CreateMetaFileW, GetObjectA, ExcludeClipRect, TranslateCharsetInfo, LineTo, DeleteDC, SetDIBitsToDevice, StretchBlt, EndDoc, GetMetaFileA, SelectObject, StartPage, DeleteObject, CreateBitmap, CloseMetaFile, GetFontLanguageInfo, CreateCompatibleBitmap, RealizePalette, SetTextColor, CreatePatternBrush, GetDeviceCaps, CreateEnhMetaFileW, BitBlt, SetAbortProc, CreateDCA, EnumFontsW, CreateICA, MoveToEx, CreatePalette, EnumFontFamiliesExW, CreateDIBitmap, SetViewportOrgEx, SelectPalette, GetDIBits, SetTextAlign, SelectClipRgn, RoundRect, CreateFontW, SetBkMode, StretchDIBits, CloseEnhMetaFile, SetBrushOrgEx, EndPage, CreateRectRgn, GetClipRgn, StartDocA, DeleteMetaFile, EnumEnhMetaFile, GetEnhMetaFileHeader, CreateBrushIndirect, CreateSolidBrush, SetViewportExtEx, GetStockObject, SetPixelV, SetWindowExtEx, GetTextExtentPoint32W, Ellipse, CreateCompatibleDC
[[SHELL32.dll]] DragQueryFileW,
SHBrowseForFolderW, DragAcceptFiles, SHFileOperationW, ShellExecuteW, SHGetPathFromIDListW, SHGetSpecialFolderLocation, SHGetDesktopFolder, Shell_NotifyIconW, SHGetMalloc, DragFinish [[KERNEL32.dll]] GetStdHandle, GetConsoleOutputCP, FileTimeToSystemTime, GetOverlappedResult, WaitForSingleObject, HeapDestroy, GetFileAttributesW, GetLocalTime, FreeEnvironmentStringsA, DeleteCriticalSection, GetCurrentProcess, CompareFileTime, GetConsoleMode, GetLocaleInfoA, _llseek, GetLogicalDrives, FreeEnvironmentStringsW, SetCommTimeouts, GetLocaleInfoW, SetStdHandle, GetCommModemStatus, IsDBCSLeadByteEx, WideCharToMultiByte, GetStringTypeA, WriteFile, _lopen, GetSystemTimeAsFileTime, HeapReAlloc, GetStringTypeW, FreeLibrary, GetTimeZoneInformation, LoadResource, GetLogicalDriveStringsW, FindClose, TlsGetValue, MoveFileW, SetFileAttributesW, GetStringTypeExA, GetEnvironmentVariableW, SetLastError, GetSystemTime, InitializeCriticalSection, CopyFileW, GetUserDefaultLangID, OutputDebugStringW, RemoveDirectoryW, IsDebuggerPresent, HeapAlloc, GetVersionExA, GetModuleFileNameA, QueryPerformanceFrequency, GetUserDefaultLCID, SetHandleCount, UnhandledExceptionFilter, InterlockedDecrement, MultiByteToWideChar, SetFilePointer, _lclose, SetEnvironmentVariableW, GetSystemDirectoryW, SetUnhandledExceptionFilter, MulDiv, ClearCommError, GetSystemDirectoryA, TerminateProcess, WriteConsoleA, SetCurrentDirectoryW, GetCommState, LocalFileTimeToFileTime, SetEndOfFile, GetCurrentThreadId, LeaveCriticalSection, WriteConsoleW, HeapFree, EnterCriticalSection, SetCommBreak, LoadLibraryW, GetOEMCP, QueryPerformanceCounter, GetTickCount, TlsAlloc, VirtualProtect, FlushFileBuffers, LoadLibraryA, RtlUnwind, GlobalSize, GetStartupInfoA, GetDateFormatA, GetWindowsDirectoryW, GetFileSize, GetModuleHandleW, GetCommProperties, CreateDirectoryW, DeleteFileW, GlobalLock, _lread, GetProcessHeap, GetTempFileNameW, CompareStringW, GlobalReAlloc, GetModuleFileNameW, ExpandEnvironmentStringsW, FindNextFileW, 
GlobalFree, lstrcpyA, ResetEvent, FindFirstFileW, GetProcAddress, EscapeCommFunction, CreateEventW, SetCommState, CreateFileW, CreateEventA, GetFileType, TlsSetValue, CreateFileA, ExitProcess, InterlockedIncrement, GetLastError, SystemTimeToFileTime, LCMapStringW, GetShortPathNameW, GetFileTime, GetConsoleCP, LCMapStringA, GetEnvironmentStringsW, GlobalUnlock, GlobalAlloc, FileTimeToLocalFileTime, GetEnvironmentStrings, GetCurrentDirectoryW, GetCurrentProcessId, LockResource, SetFileTime, GetCommandLineW, GetCPInfo, ClearCommBreak, HeapSize, GetCommandLineA, GetCurrentThread, RaiseException, CompareStringA, TlsFree, GetModuleHandleA, ReadFile, CloseHandle, GetACP, GetVersion, GetLongPathNameW, IsValidCodePage, HeapCreate, GetTempPathW, VirtualFree, Sleep, IsBadReadPtr, FindResourceA, VirtualAlloc, GetTimeFormatA [[OLEAUT32.dll]] Ord(419), Ord(424), Ord(6), Ord(2) [[IPHLPAPI.DLL]] GetAdaptersInfo [[ADVAPI32.dll]] RegCreateKeyExW, RegCloseKey, AccessCheck, RegDeleteKeyW, RegQueryValueExW, GetFileSecurityW, RegisterEventSourceW, DeregisterEventSource, RegOpenKeyExW, ImpersonateSelf, SetServiceStatus, RegQueryInfoKeyW, RegDeleteValueW, RegEnumKeyExW, OpenThreadToken, RegisterServiceCtrlHandlerA, MapGenericMask, RegEnumValueW, RevertToSelf, StartServiceCtrlDispatcherA, RegSetValueExW, ReportEventW [[ole32.dll]] OleUninitialize, CoUninitialize, CoInitialize, OleInitialize, CoCreateInstance, CLSIDFromString, RegisterDragDrop, CLSIDFromProgID, DoDragDrop, RevokeDragDrop, CoTaskMemAlloc, CoTaskMemFree, CoGetClassObject [[USER32.dll]] RedrawWindow, GetMessagePos, CharLowerBuffA, DestroyMenu, GetForegroundWindow, SetWindowPos, DispatchMessageA, EndPaint, VkKeyScanA, CharUpperBuffA, WindowFromPoint, DrawIcon, GetMessageTime, SetMenuItemInfoW, DispatchMessageW, GetCursorPos, ChildWindowFromPointEx, GetMenuStringW, GetMenu, IsClipboardFormatAvailable, SendMessageA, GetClassInfoW, DefMDIChildProcW, DrawTextW, SetScrollPos, GetWindowTextLengthA, GetSysColor, ClientToScreen, 
GetActiveWindow, ShowCursor, GetWindowTextW, LoadImageA, GetTopWindow, InvalidateRgn, GetMenuItemID, DestroyWindow, DrawEdge, GetParent, UpdateWindow, SetPropA, EnumWindows, GetMenuState, GetMessageW, ShowWindow, GetPropA, EnumDisplayMonitors, PeekMessageW, TranslateMDISysAccel, EnableWindow, PeekMessageA, TranslateMessage, GetAsyncKeyState, GetWindow, RegisterClassW, CreateCursor, GetIconInfo, SetParent, SetClipboardData, ScrollWindow, IsZoomed, SetWindowLongW, DrawMenuBar, EnableMenuItem, InvertRect, WindowFromDC, GetWindowLongA, CreateWindowExA, FillRect, CopyRect, GetSysColorBrush, CreateWindowExW, CreateMenu, GetMenuItemInfoW, DragDetect, SetFocus, MapVirtualKeyA, PostMessageA, BeginPaint, OffsetRect, DefWindowProcW, GetScrollPos, KillTimer, GetMonitorInfoA, RegisterWindowMessageA, DefWindowProcA, DrawFocusRect, GetClipboardData, GetSystemMetrics, IsIconic, SetScrollRange, GetWindowRect, InflateRect, RegisterClassA, SetCapture, ReleaseCapture, EnumChildWindows, SetWindowLongA, InvalidateRect, RemovePropA, CreatePopupMenu, CheckMenuItem, GetSubMenu, DrawIconEx, SetWindowTextW, SetTimer, BringWindowToTop, FindWindowW, ScreenToClient, LoadCursorA, LoadIconA, TrackPopupMenu, GetMenuItemCount, CreateIconFromResourceEx, CreateIconFromResource, GetSystemMenu, GetDC, InsertMenuW, SetForegroundWindow, OpenClipboard, EmptyClipboard, ReleaseDC, GetScrollRange, GetScrollInfo, CreateIconIndirect, MessageBeep, MessageBoxW, SendMessageW, DrawFrameControl, SetMenu, RegisterClipboardFormatA, MoveWindow, MessageBoxA, GetWindowDC, DestroyCursor, LoadCursorFromFileW, MsgWaitForMultipleObjectsEx, SetScrollInfo, GetKeyState, SystemParametersInfoA, GetDoubleClickTime, DestroyIcon, CreateMDIWindowW, GetWindowLongW, DefFrameProcW, IsWindowVisible, FrameRect, SetRect, DeleteMenu, GetKeyNameTextW, wsprintfA, CallWindowProcW, AdjustWindowRect, GetClientRect, ValidateRect, GetClassNameA, GetFocus, CloseClipboard, SetCursor [[COMCTL32.dll]] ImageList_Create, Ord(17), InitCommonControlsEx, 
ImageList_Destroy, ImageList_Add

PE Resources:
Resource type    Number of resources
RT_ICON          6
RT_GROUP_CURSOR  3
RT_CURSOR        3
RT_MANIFEST      1
PICKLE           1
RT_VERSION       1
RT_GROUP_ICON    1

Resource language  Number of resources
ENGLISH US         16
ClamAV PUA Engine: Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en
First seen by VirusTotal: 2010-12-10 07:32:17 UTC (2 years, 5 months ago)
Last seen by VirusTotal: 2013-05-14 14:47:05 UTC (2 minutes ago)
File names (max. 25)