VSTPluginMain
main
Static task
static1
1 signatures
General
-
Target
TB_TimeMachine_x64.zip
-
Size
1.7MB
-
MD5
a3f35bd64bc2419d65d265181addce12
-
SHA1
5a7c7afe670ecc9df54444f5b0dae5f65f28c2ee
-
SHA256
2446cadd7f3de3da8de6e5743d4f03749a52eb948ea4047d5dda5ccc9a7a718a
-
SHA512
2f9c4cdc7daec4df6835eaa0882ecfb2543ae96d2e3b6d0c324582fc3755ee4048ce2db3b2fe999ef2d5f61efd0b2fc79936568d662edc9f17b3504458c21e05
-
SSDEEP
49152:yu9Wu/Nv73bw4txQ0yuBb0rZNNBzT6NgGhNRR:y8lv75yulSZNNMhx
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/TB_TimeMachine.dll
Files
-
TB_TimeMachine_x64.zip.zip
-
TB_TimeMachine.dll.dll windows x64
62746c3b8bec74c2e1281074f777b604
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
shell32
SHGetPathFromIDListW
DragQueryFileW
SHBrowseForFolderW
ShellExecuteA
ole32
RegisterDragDrop
DoDragDrop
CoInitialize
GetHGlobalFromStream
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
RevokeDragDrop
OleUninitialize
OleInitialize
gdi32
SwapBuffers
SetTextColor
DeleteDC
CreateDIBSection
CreateFontIndirectW
SetBkColor
GetRegionData
DeleteObject
CreateCompatibleDC
CreateRectRgn
ChoosePixelFormat
SetPixelFormat
CreateSolidBrush
user32
PeekMessageW
GetParent
GetWindowRect
DefWindowProcW
CallWindowProcW
SetMenuItemInfoW
SetWindowTextW
DestroyMenu
EnableWindow
MapWindowPoints
SendMessageW
SetWindowLongPtrW
IsWindowVisible
RegisterClassW
ReleaseCapture
GetCursor
CreateWindowExW
SetMenuInfo
CreatePopupMenu
GetCursorPos
ReleaseDC
GetWindowTextW
AppendMenuW
GetWindowLongW
GetClassNameW
GetAsyncKeyState
GetDC
GetUpdateRect
wsprintfW
BeginPaint
SetFocus
GetClientRect
GetWindowLongPtrW
GetWindowInfo
LoadCursorW
TrackMouseEvent
GetFocus
GetKeyState
KillTimer
UnregisterClassW
SetCapture
TrackPopupMenu
SetTimer
GetUpdateRgn
GetWindowTextLengthW
SetCursor
DestroyWindow
EndPaint
SetWindowPos
InvalidateRect
DispatchMessageW
GetSystemMetrics
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
shlwapi
ord12
SHCreateStreamOnFileEx
gdiplus
GdipSetLineBlend
GdipNewInstalledFontCollection
GdiplusStartup
GdipGetFontCollectionFamilyCount
GdipCreateLineBrush
GdipGetImageGraphicsContext
GdipSetPathFillMode
GdipSetPenDashArray
GdipAddPathRectangle
GdipGetDpiY
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetPathWorldBounds
GdipDeleteFont
GdipDrawPath
GdipGetFontHeightGivenDPI
GdipSetTextRenderingHint
GdipCreateFromHWND
GdipSetClipRect
GdipStartPathFigure
GdipGetFamilyName
GdipMeasureString
ord1
GdipDrawEllipse
GdipFillPolygon
GdipGetEmHeight
GdipDrawImageRectRectI
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromStreamICM
GdipCloneBrush
GdipDeletePen
GdipGetFontCollectionFamilyList
GdipFree
GdipDeleteBrush
GdiplusShutdown
GdipSetPenDashOffset
GdipSetPenLineJoin
GdipCreatePen1
GdipSetPixelOffsetMode
GdipGetImageWidth
GdipCreatePath
GdipSetPenDashStyle
GdipCloneFontFamily
GdipFillEllipse
GdipCloneImage
GdipCreateFromHWNDICM
GdipCreateBitmapFromResource
GdipRestoreGraphics
GdipBitmapLockBits
GdipSetInterpolationMode
GdipGetCellAscent
GdipDeleteMatrix
GdipGetPathLastPoint
GdipFillPath
GdipDrawLine
GdipSetSolidFillColor
GdipCreateFromHDC
GdipCreateFontFamilyFromName
GdipCreateHBITMAPFromBitmap
GdipFillRectangle
GdipTranslateWorldTransform
GdipGetLineSpacing
GdipDrawString
GdipGetCellDescent
GdipDrawRectangle
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipClonePath
GdipTransformPath
GdipDeletePath
GdipSetPageUnit
GdipSetPenLineCap197819
GdipCreateFont
GdipSetPenWidth
GdipAddPathLine
GdipAddPathEllipse
GdipDisposeImage
GdipCreateMatrix2
GdipAlloc
GdipSetPenColor
GdipSaveGraphics
GdipDisposeImageAttributes
GdipCreateSolidFill
GdipBitmapUnlockBits
GdipDeleteFontFamily
GdipDrawPolygon
GdipAddPathBezier
GdipGetFamily
GdipClosePathFigure
GdipCreateBitmapFromStream
GdipSetSmoothingMode
GdipGetFontSize
opengl32
wglGetCurrentContext
wglMakeCurrent
wglDeleteContext
wglCreateContext
kernel32
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetStringTypeW
CreateFileW
WriteConsoleW
SetEndOfFile
FindResourceA
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
LoadLibraryW
OutputDebugStringW
HeapReAlloc
SetConsoleCtrlHandler
LoadLibraryExW
FatalAppExitA
FreeEnvironmentStringsW
GetEnvironmentStringsW
Sleep
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
CreateSemaphoreW
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcessHeap
GetCurrentThread
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
CloseHandle
ReadConsoleW
GetConsoleMode
ReadFile
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
WriteFile
GetStdHandle
RtlUnwindEx
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
RaiseException
RtlPcToFileHeader
GetTickCount
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
HeapAlloc
HeapFree
GetLastError
DecodePointer
EncodePointer
DeleteCriticalSection
LockResource
LoadLibraryA
GlobalFree
EnterCriticalSection
GetProcAddress
GlobalUnlock
MultiByteToWideChar
LeaveCriticalSection
GetVersionExW
SizeofResource
WideCharToMultiByte
GlobalAlloc
InitializeCriticalSection
GlobalLock
GlobalSize
LoadResource
FreeLibrary
Exports
Exports
Sections
.text Size: 696KB - Virtual size: 695KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 295KB - Virtual size: 295KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
TB_TimeMachine.key