VSTPluginMain
Static task
static1
General
Target: 5zStereoTool.dll
Size: 2.8MB
MD5: 100913e0f2399942f2054fcf0b2cb2e2
SHA1: c184308b93519bd13f0674ae8aa494117c4c6cf7
SHA256: e84083c30d4b426683fced36b9689e11765e37b1f2369470cbdb5000d9e7770e
SHA512: 7b9be02094b62de9bea96bbb2edea8a33ff27dc55589a53790219bbfd4ed6d24134dd72f460e25c9c30b3286ac723c783659d9afbd1487f63e44dcf7f169cfc9
SSDEEP: 24576:4cTNXnp/fJMAK/i6Z/n6c1INsKAeoOk8vjRqg0riHs2FvLDHlnNXT1ItctgOCzA:4cpXnYa6Z/beI18N5Hs2VDHltTG3z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5zStereoTool.dll
Files
5zStereoTool.dll.dll windows:6 windows x64 arch:x64
Password: infected
93101f61652032ef9b1f4bc658e5926b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
FormatMessageW
GetLastError
GetFileAttributesExW
OutputDebugStringW
SetEvent
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
LoadLibraryW
ResetEvent
GetCurrentDirectoryW
GetOverlappedResult
GetProcAddress
ReplaceFileW
DeleteCriticalSection
ExitProcess
FreeLibrary
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetCommandLineW
LocalFree
GlobalSize
GlobalAlloc
GlobalLock
GetCurrentProcessId
GlobalUnlock
HeapSize
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetCommandLineA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetFileInformationByHandle
GetProcessHeap
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetOEMCP
IsValidCodePage
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapFree
HeapReAlloc
HeapAlloc
GetACP
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
InterlockedFlushSList
LoadLibraryExW
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
Sleep
CreateEventW
GetLogicalDriveStringsW
GetEnvironmentStringsW
GetCurrentThread
GetThreadPriority
CreateDirectoryW
SetThreadAffinityMask
ReadFile
TryEnterCriticalSection
GetVolumeInformationW
CancelIo
FindFirstFileW
EnterCriticalSection
FindNextFileW
GetCurrentProcess
WriteFile
GetModuleHandleExW
TerminateProcess
RemoveDirectoryW
GetModuleFileNameW
WaitForMultipleObjects
SetThreadPriority
LeaveCriticalSection
DisconnectNamedPipe
GetModuleHandleA
GetSystemDirectoryW
ReleaseMutex
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
SetFilePointer
InitializeCriticalSection
GetCurrentThreadId
user32
DestroyCursor
GetKeyboardState
SetCaretPos
GetActiveWindow
GetWindowPlacement
WindowFromPoint
MessageBeep
SetWindowTextW
SendMessageW
ScreenToClient
GetIconInfo
EnumDisplayMonitors
EnumChildWindows
MessageBoxW
GetAncestor
UnhookWindowsHookEx
SetWindowsHookExA
GetClassNameA
GetSystemMetrics
CallNextHookEx
PostMessageA
SetWindowPos
GetWindowRect
AttachThreadInput
GetWindowThreadProcessId
MapVirtualKeyW
GetMessagePos
GetUpdateRgn
GetMessageExtraInfo
GetSystemMenu
GetWindowLongW
MoveWindow
CallWindowProcW
GetWindowTextW
TranslateMessage
IsWindowVisible
EnumWindows
PeekMessageW
DispatchMessageW
RegisterClassExW
GetWindowLongPtrW
UnregisterClassW
CreateWindowExW
SetWindowLongPtrW
DestroyWindow
GetFocus
SendMessageTimeoutW
PostMessageW
DefWindowProcW
GetMessageW
EndPaint
BeginPaint
GetCursorPos
ReleaseDC
SetCursorPos
InvalidateRect
SetForegroundWindow
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
UpdateLayeredWindow
GetClientRect
SetWindowLongW
SetCursor
ToUnicode
SetClipboardData
SetCapture
DestroyCaret
LoadCursorW
FindWindowW
GetClipboardData
SetLayeredWindowAttributes
GetMessageTime
GetForegroundWindow
TrackMouseEvent
CreateCaret
IsChild
SetFocus
GetDC
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
DestroyIcon
RedrawWindow
GetCapture
OpenClipboard
GetAsyncKeyState
ShowWindow
gdi32
GetKerningPairsW
EnumFontFamiliesExW
GetTextMetricsW
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
RemoveFontMemResourceEx
CreateFontIndirectW
GetOutlineTextMetricsW
SaveDC
SelectObject
CreateDIBSection
CreateCompatibleDC
StretchDIBits
CreateRectRgnIndirect
GetDeviceCaps
GetPixel
CreateRectRgn
DeleteDC
GetRegionData
GetObjectW
ExcludeClipRect
RestoreDC
DeleteObject
SetMapMode
CreateBitmap
CombineRgn
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
SystemFunction036
shell32
ExtractAssociatedIconW
Shell_NotifyIconW
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderPathW
ole32
OleCreate
OleSetContainedObject
RevokeDragDrop
DoDragDrop
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoCreateInstance
RegisterDragDrop
oleaut32
SafeArrayDestroy
VariantInit
SysFreeString
SysAllocString
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayAccessData
VariantClear
wininet
InternetSetFilePointer
InternetCrackUrlW
FtpOpenFileW
HttpSendRequestExW
InternetCloseHandle
InternetConnectW
InternetWriteFile
HttpOpenRequestW
HttpEndRequestW
InternetOpenW
InternetSetOptionW
InternetReadFile
HttpQueryInfoW
ws2_32
inet_ntoa
recv
getsockopt
WSAStartup
setsockopt
select
closesocket
accept
__WSAFDIsSet
send
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
shlwapi
PathStripToRootW
winmm
timeGetTime
timeKillEvent
timeBeginPeriod
imm32
ImmNotifyIME
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow
Exports
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 667KB - Virtual size: 666KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 114KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 1024B - Virtual size: 516B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ