Static task
static1
General
Target: 3RVX-2.9.2.zip
Size: 1.8MB
MD5: 6996d9b125f682962bfdd3d0441f3a67
SHA1: d60b3089d11391a371640a818f5a2e732f571ad2
SHA256: 7d6c0d3c94d4ff1755cbdf3eb9b235a16084588c1e31759bd221617e5ac166d3
SHA512: 4ac6b2192121388fb741ade0f2c81f46c580277368504e45ebe6a29d3460cbb7105e2ada120c31c6dfd2256d726ca6185c97608c74f2a7ff4037a4e0cc98f819
SSDEEP: 49152:Vhb1F1a5pHhEkjN6M815bJ5tm8gTofglJS:fb1e5pHhEkjH81K8gToY2
Malware Config
(none)
Signatures
Unsigned PE (2 IoCs): checks for missing Authenticode signature.
resource: unpack001/3RVX.exe, unpack001/Settings.exe
Files
3RVX-2.9.2.zip.zip
3RVX.exe.exe (windows:6 windows x86)
MD5: 789631d079c45999f80c1cb7e2269ae3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindFirstFileW
FindNextFileW
FindClose
VerSetConditionMask
VerifyVersionInfoW
GetLogicalDrives
GetDriveTypeW
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleW
ReleaseMutex
CreateMutexW
SetEndOfFile
HeapSize
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetProcessHeap
CloseHandle
FlushFileBuffers
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetACP
WriteFile
HeapReAlloc
ExitThread
HeapFree
HeapAlloc
ReadFile
GetModuleHandleExW
ExitProcess
RaiseException
RtlUnwind
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
GetStdHandle
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
CreateFileW
DeviceIoControl
GetVolumeInformationW
GetConsoleCP
GetLastError
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceCounter
DecodePointer
EncodePointer
GetExitCodeThread
GetCurrentThread
GetCurrentProcess
Sleep
WaitForSingleObjectEx
DuplicateHandle
GetCurrentThreadId
DeleteCriticalSection
TryEnterCriticalSection
InterlockedFlushSList
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
user32
DestroyWindow
PostQuitMessage
KillTimer
FindWindowW
TranslateMessage
RegisterClassExW
UnregisterClassW
CreateWindowExW
SetTimer
DispatchMessageW
SendMessageW
PostMessageW
GetMessageW
RegisterWindowMessageW
GetDesktopWindow
GetForegroundWindow
GetMonitorInfoW
GetShellWindow
EnumDisplayMonitors
MonitorFromWindow
GetWindowRect
MonitorFromPoint
MessageBoxW
SendInput
GetAsyncKeyState
MapVirtualKeyW
GetMessageExtraInfo
ReleaseDC
UpdateLayeredWindowIndirect
MoveWindow
ShowWindow
SetWindowPos
GetDC
GetWindowLongW
GetCursorPos
SetForegroundWindow
RemoveMenu
TrackPopupMenuEx
InsertMenuW
DestroyMenu
CreatePopupMenu
GetSystemMetrics
DefWindowProcW
SetWindowsHookExW
UnhookWindowsHookEx
RegisterHotKey
CallNextHookEx
GetKeyState
UnregisterHotKey
DestroyIcon
ReleaseCapture
SetWindowLongW
SetCapture
EnableMenuItem
SetActiveWindow
LoadCursorW
gdi32
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject
shell32
Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW
ole32
CoCreateInstance
PropVariantClear
CoInitializeEx
CoUninitialize
CoTaskMemFree
gdiplus
GdipCloneBitmapAreaI
GdipCreateStringFormat
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromFile
GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipGetImageWidth
GdipDeleteFont
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipCreateFontFamilyFromName
GdipGetImageHeight
GdipDeleteFontFamily
GdipCloneBrush
GdipSetTextureTransform
GdipCreateMatrix2
GdipDeleteBrush
GdipCreateTexture2I
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDeleteRegion
GdipCombineRegionRectI
GdipBitmapGetPixel
GdipCreateHBITMAPFromBitmap
GdipSetEmpty
GdipCreateRegion
GdipGetRegionHRgn
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipFillRectangleI
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipSetTextRenderingHint
GdipDrawString
GdipCloneFont
GdipCreateSolidFill
wtsapi32
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
dxva2
GetPhysicalMonitorsFromHMONITOR
GetNumberOfPhysicalMonitorsFromHMONITOR
GetMonitorCapabilities
d3d9
Direct3DCreate9Ex
comctl32
ord380
dwmapi
DwmIsCompositionEnabled
DwmEnableBlurBehindWindow
shlwapi
PathFileExistsW
PathRemoveFileSpecW
advapi32
SystemFunction036
Sections
.text Size: 431KB - Virtual size: 431KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Languages/ChineseSimplified.xml.xml
Languages/English.xml.xml
Settings.exe.exe (windows:6 windows x86)
MD5: 5198e7be05f3b4aab1ce9c16f297d2bd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
GetTempPathW
CreateFileW
GetModuleHandleW
SetEndOfFile
HeapSize
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
FlushFileBuffers
GetProcessHeap
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ReleaseMutex
WriteFile
HeapReAlloc
ExitThread
WideCharToMultiByte
HeapAlloc
ReadFile
GetModuleHandleExW
ExitProcess
RtlUnwind
RaiseException
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
CreateMutexW
FindNextFileW
FindClose
GetACP
FindFirstFileW
MultiByteToWideChar
GetModuleFileNameW
CreateDirectoryW
LocalFree
GetLastError
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetCurrentProcessId
FormatMessageW
GetStdHandle
HeapFree
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentProcess
GetCurrentThread
QueryPerformanceCounter
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
LCMapStringW
user32
RegisterWindowMessageW
PostMessageW
UnhookWindowsHookEx
SetWindowsHookExW
EnumDisplayDevicesW
GetKeyNameTextW
MessageBoxW
GetWindowRect
ScreenToClient
GetMessageW
GetSystemMetrics
CreatePopupMenu
DispatchMessageW
DestroyIcon
TranslateMessage
InsertMenuW
TrackPopupMenuEx
SetWindowTextW
GetParent
SetActiveWindow
LoadIconW
PostQuitMessage
SetForegroundWindow
GetCursorPos
FindWindowW
SetCursor
EndDialog
GetDlgCtrlID
DialogBoxParamW
GetDC
ShowWindow
SetDlgItemTextW
GetDlgItemTextW
IsWindowEnabled
MoveWindow
GetDlgItem
SetDlgItemInt
ReleaseDC
EnableWindow
GetWindowTextW
IsDlgButtonChecked
CheckDlgButton
GetWindowLongW
DefWindowProcW
DestroyWindow
CreateWindowExW
UnregisterClassW
RegisterClassExW
LoadCursorW
SetWindowLongW
MapVirtualKeyW
SendMessageW
CallNextHookEx
gdi32
GetTextExtentPoint32W
SelectObject
comdlg32
GetOpenFileNameW
advapi32
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
SystemFunction036
RegOpenKeyExW
shell32
ShellExecuteW
SHGetFolderPathW
SHGetKnownFolderPath
Shell_NotifyIconW
ole32
CoTaskMemFree
CoCreateInstance
PropVariantClear
shlwapi
PathRemoveFileSpecW
PathFileExistsW
comctl32
PropertySheetW
ord380
CreatePropertySheetPageW
urlmon
URLDownloadToFileW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
wininet
InternetOpenW
InternetReadFile
InternetOpenUrlW
DeleteUrlCacheEntryW
Sections
.text Size: 400KB - Virtual size: 399KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 101KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings.xml.xml
Skins/Classic/Black Icons/0.ico
Skins/Classic/Black Icons/1.ico
Skins/Classic/Black Icons/2.ico
Skins/Classic/Black Icons/3.ico
Skins/Classic/Black Icons/4.ico
Skins/Classic/Icons/Eject.ico
Skins/Classic/Icons/Volume/0.ico
Skins/Classic/Icons/Volume/1.ico
Skins/Classic/Icons/Volume/2.ico
Skins/Classic/Icons/Volume/3.ico
Skins/Classic/Icons/Volume/4.ico
Skins/Classic/OSD/brightness.png.png
Skins/Classic/OSD/eject.png.png
Skins/Classic/OSD/meter.png.png
Skins/Classic/OSD/mute.png.png
Skins/Classic/OSD/volume.png.png
Skins/Classic/Slider/background.png.png
Skins/Classic/Slider/knob.png.png
Skins/Classic/skin.xml
Skins/Classic/sound.wav
Skins/Ignition/Notification Icons/Volume/0.ico
Skins/Ignition/Notification Icons/Volume/1.ico
Skins/Ignition/Notification Icons/Volume/2.ico
Skins/Ignition/Notification Icons/Volume/3.ico
Skins/Ignition/Notification Icons/Volume/4.ico
Skins/Ignition/OSD/back.png.png
Skins/Ignition/OSD/eject.png.png
Skins/Ignition/OSD/meter.png.png
Skins/Ignition/OSD/mute.png.png
Skins/Ignition/Slider/back.png.png
Skins/Ignition/Slider/knob.png.png
Skins/Ignition/skin.xml
Skins/Ignition/sound.wav
Skins/Small Glass/Icons/Volume/0.ico
Skins/Small Glass/Icons/Volume/1.ico
Skins/Small Glass/Icons/Volume/2.ico
Skins/Small Glass/Icons/Volume/3.ico
Skins/Small Glass/Icons/Volume/4.ico
Skins/Small Glass/OSD/back.png.png
Skins/Small Glass/OSD/eject.png.png
Skins/Small Glass/OSD/meter.png.png
Skins/Small Glass/OSD/mute.png.png
Skins/Small Glass/Slider/back.png.png
Skins/Small Glass/Slider/knob.png.png
Skins/Small Glass/skin.xml.xml
Skins/Vista 808/Icons/Volume/0.ico
Skins/Vista 808/Icons/Volume/1.ico
Skins/Vista 808/Icons/Volume/2.ico
Skins/Vista 808/Icons/Volume/3.ico
Skins/Vista 808/Icons/Volume/4.ico
Skins/Vista 808/OSD/back.png.png
Skins/Vista 808/OSD/eject.png.png
Skins/Vista 808/OSD/glass.png.png
Skins/Vista 808/OSD/meter.png.png
Skins/Vista 808/OSD/mute.png.png
Skins/Vista 808/Slider/back.png.png
Skins/Vista 808/Slider/glass.png.png
Skins/Vista 808/Slider/knob.png.png
Skins/Vista 808/skin.xml
Skins/pix/Icons/Volume/0.ico
Skins/pix/Icons/Volume/1.ico
Skins/pix/Icons/Volume/2.ico
Skins/pix/Icons/Volume/3.ico
Skins/pix/Icons/Volume/4.ico
Skins/pix/Icons/Volume/5.ico
Skins/pix/OSD/eject.png.png
Skins/pix/OSD/meter.png.png
Skins/pix/OSD/mute.png.png
Skins/pix/OSD/volume_background.png.png
Skins/pix/Slider/background.png.png
Skins/pix/Slider/knob.png.png
Skins/pix/skin.xml