AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Static task
static1
General
-
Target
Vital.exe
-
Size
15.0MB
-
MD5
6ca4404dcdefd0adf2a8d004eff4d3ab
-
SHA1
8097ddcc1bc8c340db940295728ac2587917cac1
-
SHA256
93f349872750f6b9a8d7ba0fb72dcde089fb9c2a86565d7859bf57b5749b0f52
-
SHA512
67660d3c716bd33c82344ac60dbf3507b12f41801b0c004b031496d9381dc0e4c011b9d452f4a5dc6c374cc68274aafcc32ccb1147d69c3b312cc846fc24107b
-
SSDEEP
196608:z4TOQQpgT3rrrAM3TP2qNYkBU2BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB8:ztgHAM3ql
Score
1/10
Malware Config
Signatures
Files
-
Vital.exe.exe windows x64
331a416f081405d1ff1b3f6c74f7cf4f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetCurrentThread
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
GetNativeSystemInfo
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
GetProcAddress
ReplaceFileW
DeleteCriticalSection
ExitProcess
CreateProcessW
GetModuleHandleW
FreeLibrary
CopyFileW
CreateSymbolicLinkW
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetExitCodeProcess
GetCommandLineW
AttachConsole
LocalFree
GlobalSize
GlobalAlloc
GetCurrentProcessId
GlobalUnlock
VerSetConditionMask
VerifyVersionInfoA
HeapAlloc
HeapFree
GetProcessHeap
K32EnumProcessModules
K32GetModuleBaseNameA
OutputDebugStringA
MultiByteToWideChar
K32GetProcessMemoryInfo
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
SetEvent
OutputDebugStringW
GetFileAttributesExW
GetLastError
LoadLibraryA
InitializeSListHead
GetThreadPriority
GetPriorityClass
Sleep
CreateEventW
GetLogicalDriveStringsW
RtlCaptureStackBackTrace
DisconnectNamedPipe
GetModuleHandleA
UnmapViewOfFile
GetSystemDirectoryW
ReleaseMutex
GetCurrentThreadId
GetFileAttributesW
CreateFileW
WaitForSingleObject
FormatMessageW
FindClose
CreateMutexW
GetTempPathW
PeekNamedPipe
SetFilePointer
InitializeCriticalSection
CreatePipe
LeaveCriticalSection
SetThreadPriority
CreateDirectoryW
WaitForMultipleObjects
GetModuleFileNameW
SetFileTime
RemoveDirectoryW
TerminateProcess
DeviceIoControl
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
EnterCriticalSection
SetPriorityClass
SetHandleInformation
FindFirstFileW
CancelIo
GetVolumeInformationW
TryEnterCriticalSection
ReadFile
SetThreadAffinityMask
GlobalLock
InitializeCriticalSectionAndSpinCount
user32
GetDC
InvalidateRect
SetForegroundWindow
DestroyIcon
GetWindowTextW
SetWindowPos
GetWindowRect
ReleaseDC
GetWindowThreadProcessId
AttachThreadInput
PostMessageW
TranslateMessage
IsWindow
SetFocus
EnumWindows
PeekMessageW
DispatchMessageW
DefWindowProcW
SendMessageTimeoutW
GetFocus
DestroyWindow
SetWindowLongPtrW
CreateWindowExW
GetMessageW
RegisterClassExW
ShowWindow
GetWindowLongPtrW
EndPaint
BeginPaint
GetCursorPos
SetCursorPos
ReleaseCapture
GetParent
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
UpdateLayeredWindow
GetClientRect
SetWindowLongW
SetCursor
ToUnicode
SetClipboardData
SetCapture
DestroyCaret
LoadCursorW
FindWindowW
GetClipboardData
SetLayeredWindowAttributes
GetMessageTime
GetForegroundWindow
TrackMouseEvent
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
RedrawWindow
GetCapture
OpenClipboard
GetAsyncKeyState
CreateWindowExA
ClientToScreen
EnumDisplaySettingsA
GetWindowLongW
GetSystemMenu
GetMessageExtraInfo
GetUpdateRgn
GetMessagePos
MapVirtualKeyW
FindWindowExW
IsWindowVisible
MessageBoxW
MonitorFromWindow
EnumChildWindows
EnumDisplayMonitors
GetIconInfo
ScreenToClient
SendMessageW
EndDialog
GetSystemMetrics
SetWindowTextW
MessageBeep
WindowFromPoint
GetWindowPlacement
DestroyCursor
GetKeyboardState
SetCaretPos
GetActiveWindow
UnregisterClassW
gdi32
CombineRgn
CreateBitmap
RestoreDC
ExcludeClipRect
GetObjectW
CreateRectRgn
CreateRectRgnIndirect
SelectObject
CreateDIBSection
SaveDC
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers
GetKerningPairsW
CreateCompatibleDC
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
DeleteObject
RemoveFontMemResourceEx
SetMapMode
CreateFontIndirectW
EnumFontFamiliesExW
StretchDIBits
GetRegionData
GetOutlineTextMetricsW
shell32
SHGetSpecialFolderPathW
CommandLineToArgvW
Shell_NotifyIconW
DragQueryFileW
SHCreateShellItem
SHGetMalloc
ExtractAssociatedIconW
SHBrowseForFolderW
SHGetKnownFolderPath
SHParseDisplayName
SHGetPathFromIDListW
ShellExecuteW
ole32
CoTaskMemAlloc
OleUninitialize
DoDragDrop
RevokeDragDrop
OleInitialize
CoCreateInstance
CLSIDFromString
PropVariantClear
CoTaskMemFree
CoInitialize
RegisterDragDrop
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyW
wininet
FtpOpenFileW
InternetOpenW
HttpQueryInfoW
InternetReadFile
InternetSetOptionW
InternetConnectW
InternetCloseHandle
HttpSendRequestExW
HttpEndRequestW
InternetCrackUrlW
InternetSetFilePointer
HttpOpenRequestW
InternetWriteFile
ws2_32
sendto
freeaddrinfo
htons
htonl
setsockopt
getsockopt
recv
inet_ntoa
__WSAFDIsSet
accept
bind
closesocket
ioctlsocket
select
send
getaddrinfo
WSAStartup
inet_addr
shlwapi
PathStripToRootW
winmm
midiInStop
midiOutClose
midiOutLongMsg
midiOutGetNumDevs
midiOutShortMsg
midiInGetNumDevs
midiOutMessage
midiInAddBuffer
midiInClose
midiInStart
midiInGetDevCapsW
midiOutUnprepareHeader
midiInPrepareHeader
midiInReset
midiOutOpen
midiOutPrepareHeader
midiOutGetDevCapsW
midiInOpen
midiInUnprepareHeader
timeKillEvent
timeGetTime
timeBeginPeriod
midiInMessage
msvcp140
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPEBD@Z
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_unlock
_Xtime_get_ticks
_Query_perf_counter
_Cnd_wait
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
_Cnd_timedwait
?_Xlength_error@std@@YAXPEBD@Z
?_Throw_C_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
?_Xbad_alloc@std@@YAXXZ
?classic@locale@std@@SAAEBV12@XZ
?_Throw_Cpp_error@std@@YAXH@Z
_Query_perf_frequency
_Cnd_init_in_situ
_Mtx_current_owns
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Thrd_yield
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
dbghelp
SymFromAddr
SymGetModuleInfo64
SymInitialize
imm32
ImmSetCandidateWindow
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmNotifyIME
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__intrinsic_setjmp
__RTDynamicCast
__std_exception_destroy
_purecall
__std_terminate
strchr
longjmp
_CxxThrowException
memcpy
memmove
memset
memchr
memcmp
__current_exception
__C_specific_handler
__current_exception_context
__std_exception_copy
api-ms-win-crt-time-l1-1-0
wcsftime
_ftime64_s
_localtime64_s
_gmtime64_s
_mktime64
api-ms-win-crt-heap-l1-1-0
_callnewh
calloc
_aligned_realloc
realloc
_set_new_mode
free
_aligned_malloc
malloc
_aligned_free
api-ms-win-crt-runtime-l1-1-0
terminate
_configure_narrow_argv
_beginthreadex
_initialize_narrow_environment
exit
_initialize_onexit_table
_errno
_endthreadex
_register_onexit_function
_crt_atexit
_fpreset
abort
_cexit
_seh_filter_exe
_set_app_type
_register_thread_local_exe_atexit_callback
_c_exit
_get_narrow_winmain_command_line
_exit
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-string-l1-1-0
iswalnum
iswspace
towlower
strncmp
iswalpha
iswupper
strcmp
iswdigit
iswlower
towupper
api-ms-win-crt-math-l1-1-0
log2f
roundf
round
fmaxf
fminf
tanf
atan2f
cosf
frexp
ldexp
sinf
_copysign
logf
powf
_dclass
_fdclass
acos
asinf
atan2
atanf
cos
__setusermatherr
exp
expf
fmod
log
log10f
pow
sin
_finite
tan
_dsign
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf_s
__stdio_common_vsscanf
fwrite
__p__commode
fread
freopen_s
__stdio_common_vfprintf
fseek
fflush
fclose
_ftelli64
fopen
_fseeki64
__stdio_common_vswprintf
__stdio_common_vsprintf
_set_fmode
_fileno
__acrt_iob_func
api-ms-win-crt-convert-l1-1-0
strtoll
_atoi64
strtoull
_strtod_l
atoi
wcstombs
mbstowcs
strtod
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
_create_locale
localeconv
api-ms-win-crt-utility-l1-1-0
rand
qsort
api-ms-win-crt-environment-l1-1-0
getenv
Exports
Exports
Sections
.text Size: 8.9MB - Virtual size: 8.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IPPCODE Size: 620KB - Virtual size: 620KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 412KB - Virtual size: 3.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 323KB - Virtual size: 323KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IPPDATA Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 156KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 94KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ