MixxxDJ_RocketFuelInstaller[.]exe[.]7z | Triage

Submit
Reports

Overview

overview

1

Static

static

1

MixxxDJ_Ro...er.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

MixxxDJ_RocketFuelInstaller.exe

Resource

win10v2004-20231020-en

windows10-2004-x64

2 signatures

600 seconds

General

Target

MixxxDJ_RocketFuelInstaller.exe.7z
Size

241KB
MD5

a091ee94cc666b3004b749a66f27af6c
SHA1

05f8c89b8e04435bb9a7db97c6992b5118e3853e
SHA256

09daef635481ff7ecc1e8b6547cd464a2e2b6c0ea012dbaddb89c40f21a3392f
SHA512

cd43c3422079ece094e6c43ae208002f90e59773bf9a889f2dec58c8baa3bb08e49a28c490626f0cb3800628989b5744fac8a44f188585879526617c5337323d
SSDEEP

6144:76R54p3uolEKcymKGsmWgqp65gtkf8KoZVPtoIgMW:70A3uGEinl/gqwgOULZVP1g

Score

1^/10

Malware Config

Signatures

Files

MixxxDJ_RocketFuelInstaller.exe.7z
.7z

Password: infected
MixxxDJ_RocketFuelInstaller.exe
.exe windows:5 windows x86

596a03cf138832ef6f01220a79cb3f36

Code Sign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5e:5a:8f:44:b9:95:df:01:70:15:54:fb:f1:81:73:b7
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

14/11/2011, 00:00

Not After

13/11/2013, 23:59

Subject

CN=Verti Technology Group\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Verti Technology Group\, Inc.,L=Bellevue,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

kernel32

WaitForSingleObject
CreateThread
GetSystemInfo
GetVersionExW
Sleep
MoveFileExW
DeleteFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
CreateDirectoryW
GetTempFileNameW
GetTempPathW
GetExitCodeProcess
CreateProcessW
GlobalFree
GetTickCount
FreeLibrary
LoadLibraryW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
HeapCreate
GetStartupInfoW
HeapSetInformation
GetCommandLineW
VirtualQuery
VirtualProtect
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
RtlUnwind
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetLastError
LocalFree
LocalAlloc
GetFileSize
ReadFile
GetProcAddress
CreateFileW
OpenMutexW
CloseHandle
CreateMutexW
ReleaseMutex
SetEvent
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
SetLastError
GetCurrentThreadId
RaiseException
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
GetModuleFileNameW
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
lstrlenW
WideCharToMultiByte
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
FormatMessageW
lstrcmpA
MultiByteToWideChar

user32

InvalidateRect
ShowWindow
MessageBoxW
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindow
GetParent
DestroyWindow
GetMenuItemInfoW
DefWindowProcW
CallWindowProcW
GetSysColor
CharNextW
ClientToScreen
ReleaseDC
GetDC
GetClientRect
GetWindowRect
SetWindowPos
MoveWindow
GetSystemMenu
SetWindowTextW
CreateWindowExW
GetWindowLongW
SetWindowLongW
SendMessageW
ScreenToClient
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetDlgItem
GetClassNameW
ReleaseCapture
FillRect
EndPaint
BeginPaint
GetDesktopWindow
DestroyAcceleratorTable
GetFocus
SetFocus
IsWindow
GetClassInfoExW
LoadCursorW
RegisterClassExW
CreateAcceleratorTableW
LoadIconW
PostQuitMessage
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
FindWindowW
EnableMenuItem
UnregisterClassA
EnumWindows
BringWindowToTop
SetForegroundWindow
GetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
PostThreadMessageW
AnimateWindow
PostMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics

gdi32

CreateDIBSection
DeleteDC
CreateCompatibleDC
SetDIBColorTable
GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
StretchBlt
DeleteObject
GetDIBColorTable
SelectObject

advapi32

DuplicateTokenEx
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptGetKeyParam
CryptAcquireContextW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
OpenProcessToken
RegQueryInfoKeyW
RegEnumKeyExW

shell32

ShellExecuteW

ole32

CoCreateInstance
CoReleaseServerProcess
CoGetClassObject
OleLockRunning
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoAddRefServerProcess

oleaut32

VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VarBstrCat
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
DispCallFunc
VariantClear
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
VariantInit

wininet

HttpSendRequestA
HttpSendRequestW
HttpAddRequestHeadersA
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetReadFile
InternetCrackUrlW
FindCloseUrlCache
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
InternetCloseHandle
InternetOpenW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

shlwapi

PathRemoveExtensionW
PathAppendW
PathAddExtensionW
PathStripPathW
PathFileExistsW
PathQuoteSpacesW
PathRemoveArgsW

urlmon

URLDownloadToFileW

gdiplus

GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipGetImageGraphicsContext
GdipDrawImageI

msimg32

AlphaBlend
TransparentBlt

crypt32

CertFreeCertificateContext
CryptImportPublicKeyInfo
CryptDecodeObject
CryptMsgClose
CertCloseStore
CertGetNameStringW
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject

wintrust

WinVerifyTrust

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy