iZotope iDrum[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

iZotope iDrum.dll
Size

2.2MB
MD5

c32f5a5ca0c3995ea6c6f0e5fe6079bc
SHA1

fd09f158e6b1a3e08ba562eb0898fc74b0d3ff79
SHA256

24fdbbd1da9839708d9cd4b2aada7ee99dfa1f45ea770ae01eacd67ac0c15e6f
SHA512

7ca06b88a4a986c7fa5b1b95685c20f7e282a8ba3ffc2a5c3ee237ada4c4e6c90b7caacc69826f560b7ccf7352079632399abf7f9f2b823f34ce590bdbb67028
SSDEEP

24576:VpKZBazpMtOiWOkYJJiI6CKPxjOMm5i95ZTDweo8WR9aJZwKTuhBCucKK7zvifJr:eZT3ksiW+pjpuzc/+JR5k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
iZotope iDrum.dll

Files

iZotope iDrum.dll
.dll windows x86

ff92772d44b7b09e8d24d70589a74bf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ws2_32

getsockname
bind
listen
WSAStartup
socket
ioctlsocket
connect
__WSAFDIsSet
getsockopt
recv
send
select
closesocket
WSACleanup
WSASetLastError
ntohs
getservbyport
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr

kernel32

GetTimeFormatA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InterlockedExchange
GetProcessHeap
SetEndOfFile
LCMapStringW
LCMapStringA
SetStdHandle
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFullPathNameW
FlushFileBuffers
IsValidCodePage
GetOEMCP
GetACP
FreeLibrary
LockResource
LoadResource
SizeofResource
FindResourceA
GetProcAddress
LoadLibraryW
GetLastError
SetLastError
GetUserDefaultUILanguage
CloseHandle
CreateMutexA
InterlockedExchangeAdd
OutputDebugStringA
GetModuleHandleA
GetLocaleInfoA
GetUserDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryA
Sleep
GetCurrentThreadId
TerminateThread
WaitForSingleObject
RaiseException
SetThreadPriority
GetCurrentThread
CreateThread
GetProcessAffinityMask
GetCurrentProcess
HeapUnlock
HeapWalk
HeapLock
IsBadCodePtr
IsBadReadPtr
GetModuleFileNameA
GetLongPathNameW
GetModuleFileNameW
GetDateFormatA
GetSystemDirectoryW
GetWindowsDirectoryW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
MoveFileExW
GetDiskFreeSpaceExA
FindClose
FindNextFileW
FindFirstFileW
ReleaseMutex
InterlockedCompareExchange
TlsAlloc
InterlockedIncrement
TlsSetValue
DuplicateHandle
TlsGetValue
GetSystemDirectoryA
ReleaseSemaphore
GetCurrentProcessId
VirtualQuery
CreateFileW
InterlockedDecrement
SetUnhandledExceptionFilter
GetModuleHandleW
CreateSemaphoreW
WaitNamedPipeW
WaitForMultipleObjects
SetEvent
ResetEvent
WriteFile
TransactNamedPipe
SetNamedPipeHandleState
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
GetStartupInfoA
SetHandleCount
VirtualAlloc
FatalAppExitA
HeapSize
TlsFree
GetStdHandle
ExitProcess
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetConsoleMode
GetConsoleCP
CreateFileA
ResumeThread
ExitThread
FindFirstFileA
RemoveDirectoryW
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTimeZoneInformation
GetTempPathW
CreateProcessA
CreateDirectoryW
GetFullPathNameA
GetDriveTypeA
GetCPInfo
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
GetCommandLineA
HeapCreate
HeapDestroy
VirtualFree
ReadFile
GetFileAttributesW
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
GetFileType
DeleteFileW
GetEnvironmentStringsW

user32

GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostQuitMessage
DestroyAcceleratorTable
MessageBoxA
MessageBoxW
SetTimer
GetWindowLongA
RegisterWindowMessageA
DestroyWindow
UnregisterClassA
GetClassInfoExA
DefWindowProcA
RegisterClassExA
CreateWindowExA
SetWindowLongA
GetKeyState
SetWindowPos
KillTimer

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegEnumValueW

shell32

SHFileOperationW
SHGetFolderPathW

ole32

CoUninitialize
CoInitialize
CoCreateGuid

Exports

Exports

ExitDll
GetPluginFactory
InitDll
VSTPluginMain
main

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff92772d44b7b09e8d24d70589a74bf5

Headers

File Characteristics

Imports

version

ws2_32

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 266KB - Virtual size: 266KB

.data Size: 54KB - Virtual size: 79KB

.idata Size: 7KB - Virtual size: 6KB

_RDATA Size: 512B - Virtual size: 260B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 67KB - Virtual size: 66KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 266KB - Virtual size: 266KB

.data
Size: 54KB - Virtual size: 79KB

.idata
Size: 7KB - Virtual size: 6KB

_RDATA
Size: 512B - Virtual size: 260B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 67KB - Virtual size: 66KB