SweetDrums_x64[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SweetDrums_x64.dll
Size

11.4MB
MD5

94548d0ffffe0e8b69e805efcc865ab1
SHA1

e0235f0c422668e3deeb3c9925e363b2f2f1b162
SHA256

5507036eb0f6d77e1af4795ddf7b2b2d6200d2a846832981dcd5a9e141cb1a10
SHA512

ff12cb11d0004db935d10929b808462945181356ec79af6f0425b3293f4051df1281f172a0cd0ca2049703cae9ca15fa198f65d137be9ec9645823e286e36bf3
SSDEEP

196608:wQCD6+nUqkJE1ppaIn0+XoFNf49UQ2UcKzkKjziwk8m8RcCA:3vQpH0GUSBXx2gN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SweetDrums_x64.dll

Files

SweetDrums_x64.dll
.dll windows:6 windows x64 arch:x64

30a1954f473d69c1a1e0e966708313af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Tunca\Documents\iPlug2-master\Examples\SweetDrums\build-win\pdbs\SweetDrums-vst2_x64.pdb

Imports

wininet

InternetGetConnectedState

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA

kernel32

CreateFileMappingA
GetFileSize
VerSetConditionMask
GetCurrentProcessId
FreeLibrary
WideCharToMultiByte
VerifyVersionInfoW
MapViewOfFile
GetTickCount
GlobalUnlock
SizeofResource
EnumResourceNamesA
FindResourceA
LockResource
LoadResource
GetThreadTimes
GlobalLock
CreateFileW
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
SetEndOfFile
HeapSize
FlushFileBuffers
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
WriteFile
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetStdHandle
HeapAlloc
HeapFree
HeapReAlloc
GetProcAddress
CreateThread
CloseHandle
GlobalAlloc
LoadLibraryA
GetCurrentThread
CreateFileA
Sleep
MultiByteToWideChar
UnmapViewOfFile
GetSystemDirectoryW
WaitForSingleObject
SetThreadPriority
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindClose
LoadLibraryExW
RtlUnwind
InterlockedFlushSList
RaiseException
RtlPcToFileHeader
RtlUnwindEx
SetStdHandle
QueryPerformanceCounter
QueryPerformanceFrequency
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetStringTypeW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentThreadId
InitializeSListHead
GetFileSizeEx
ReadFile
GetLastError
FindNextFileW
OutputDebugStringA
CreateSemaphoreA
ReleaseSemaphore
ExitProcess
LoadLibraryW
InitOnceExecuteOnce
GetFileType

user32

ToAscii
ValidateRect
BeginPaint
VkKeyScanExA
GetKeyboardLayout
GetWindowThreadProcessId
GetKeyState
GetMessageExtraInfo
GetUpdateRgn
CloseTouchInputHandle
GetTouchInputInfo
GetWindowRect
LoadCursorA
DestroyWindow
GetDC
SetWindowPos
PostMessageA
CreateWindowExW
ScreenToClient
SendMessageW
GetSystemMetrics
CreatePopupMenu
GetClassNameA
TrackPopupMenu
GetKeyboardState
OpenClipboard
RegisterWindowMessageA
GetCapture
SetTimer
RegisterTouchWindow
ClientToScreen
CloseClipboard
CallWindowProcA
EmptyClipboard
GetWindowLongA
GetCursorPos
TrackMouseEvent
SetWindowTextA
MessageBoxA
RegisterClassA
EnumWindows
SystemParametersInfoW
DefWindowProcA
DestroyMenu
CreateWindowExA
SetFocus
GetClipboardData
SendMessageA
SetCapture
SetClipboardData
SetCursor
AppendMenuA
PeekMessageA
IsClipboardFormatAvailable
GetWindowLongPtrA
UnregisterClassA
KillTimer
GetParent
SetWindowLongPtrA
UpdateWindow
ReleaseCapture
ShowCursor
InvalidateRect
GetAncestor
SetCursorPos
ReleaseDC
EndPaint

gdi32

AddFontMemResourceEx
SelectObject
CreateCompatibleDC
StretchDIBits
GetStockObject
EnumFontFamiliesExA
GetTextFaceA
CreateRectRgn
DeleteDC
SetTextColor
GetFontData
GetRegionData
SetBkMode
SetDCBrushColor
CreateFontIndirectA
SetBkColor
DeleteObject
RemoveFontMemResourceEx
GetRgnBox
GetObjectA

comdlg32

ChooseColorA
GetSaveFileNameW
GetOpenFileNameW

shell32

DragQueryPoint
SHGetPathFromIDListA
DragAcceptFiles
DragQueryFileA
SHBrowseForFolderA
ShellExecuteW

ole32

OleInitialize
CoTaskMemFree
OleUninitialize

Exports

Exports

VSTPluginMain
main

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 533KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30a1954f473d69c1a1e0e966708313af

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

shell32

ole32

Exports

Exports

Sections

.text Size: 4.5MB - Virtual size: 4.5MB

.rdata Size: 533KB - Virtual size: 532KB

.data Size: 57KB - Virtual size: 77KB

.pdata Size: 111KB - Virtual size: 110KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 6.2MB - Virtual size: 6.2MB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 4.5MB - Virtual size: 4.5MB

.rdata
Size: 533KB - Virtual size: 532KB

.data
Size: 57KB - Virtual size: 77KB

.pdata
Size: 111KB - Virtual size: 110KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 6.2MB - Virtual size: 6.2MB

.reloc
Size: 25KB - Virtual size: 24KB