Auto-Key[.]vst3

Sharing

Copy URL Twitter E-mail

General

Target

Auto-Key.vst3
Size

8.6MB
MD5

680c8e96c8f19b39340d704027ce7310
SHA1

c8c367619757be418f8dfa63a470ce9359424d76
SHA256

d2dbcc255d691e392674610f19194bfe5ddee1938eaaf950e02d9b05e8d9a67d
SHA512

b47ffd3fc79177a8626768e6b97f5e6ce7e73240b4967171dd5765b124f44770f082aeff5f7b2aa094dab4ae7c4c702c24176a89fe074deea3109a74ed67a428
SSDEEP

98304:WcgcpcJcbJ8pyvwMkWI0Qk5A1fjMcQBCMwgyhtU8H:WcgcpcJcOWtkEZh1wgyV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Auto-Key.vst3

Files

Auto-Key.vst3
.dll windows:6 windows x64 arch:x64

d4f92ee8bd50e92d7ca2bf8158c9b7bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

SwitchToThread
GetLastError
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
CreateMutexA
WaitForSingleObject
ReleaseMutex
UnmapViewOfFile
CreateSemaphoreA
ReleaseSemaphore
CreateFileMappingA
MapViewOfFileEx
CreateFileA
GetFileSizeEx
FormatMessageA
LocalFree
CreateDirectoryA
RemoveDirectoryA
SetEndOfFile
SetFilePointerEx
WriteFile
GetProcAddress
OpenProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentVariableA
SetCurrentDirectoryA
GetFileAttributesA
GetFullPathNameA
GetSystemTime
FileTimeToSystemTime
GetTimeZoneInformation
LoadLibraryA
AreFileApisANSI
GetExitCodeProcess
CreateProcessA
FreeLibrary
GetStdHandle
GetConsoleMode
VerSetConditionMask
GetProfileStringA
VerifyVersionInfoW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DeleteFileA
SetFileTime
FlushFileBuffers
GetFileTime
ReadFile
SetFilePointer
ExitProcess
TlsGetValue
TlsSetValue
Sleep
MapViewOfFile
OpenFileMappingA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
TlsAlloc
CreateEventA
WaitForMultipleObjects
IsBadWritePtr
OpenSemaphoreA
FlushInstructionCache
VirtualProtect
GetVersion
DeviceIoControl
LockFile
UnlockFile
IsBadStringPtrA
IsBadStringPtrW
GetDriveTypeA
ReadConsoleW
CreateFileW
WriteConsoleW
SetStdHandle
OutputDebugStringW
GetConsoleCP
GetModuleFileNameW
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
IsProcessorFeaturePresent
IsDebuggerPresent
LoadLibraryExW
GetCPInfo
HeapReAlloc
GetModuleHandleExW
GetFileType
RtlUnwindEx
GetProcessTimes
RtlAddFunctionTable
IsBadReadPtr
GetComputerNameA
GetNativeSystemInfo
GetSystemWindowsDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetSystemInfo
SetLastError
GetModuleHandleA
GetModuleFileNameA
VirtualQuery
GetVersionExA
SetPriorityClass
TlsFree
SetThreadPriority
GetCurrentThread
TerminateProcess
HeapFree
GetCurrentDirectoryA
SetConsoleCtrlHandler
OpenEventA
SetEvent
GetACP
SystemTimeToFileTime
GetTempPathA
GetLocalTime
GetDiskFreeSpaceA
GetUserDefaultUILanguage
GetExitCodeThread
GetCurrentThreadId
DuplicateHandle
GetTickCount
GetStartupInfoW
GetCurrentProcessId
GetCurrentProcess
GetProcessHeap
HeapAlloc
RtlLookupFunctionEntry
RaiseException
RtlPcToFileHeader
GetStringTypeW
DecodePointer
EncodePointer
LocalAlloc
HeapCreate

user32

AppendMenuA
LoadStringA
wsprintfA
GetSystemMenu
TranslateMessage
DispatchMessageA
MessageBoxA
DrawMenuBar
CharLowerBuffA
CharUpperBuffA
CallMsgFilterA
PeekMessageA

shell32

ShellExecuteExA

advapi32

StartServiceA
QueryServiceStatus
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegFlushKey
RegDeleteKeyA
RegSetValueExA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
GetUserNameA
InitializeSecurityDescriptor
ConvertStringSecurityDescriptorToSecurityDescriptorA
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
ReadEventLogA
CloseEventLog
OpenEventLogA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ws2_32

gethostbyname
sendto
recvfrom
inet_addr
bind
getpeername
WSAGetLastError
socket
shutdown
setsockopt
send
select
recv
getsockopt
ioctlsocket
connect
closesocket
accept
__WSAFDIsSet
gethostbyaddr
inet_ntoa
htons
WSACleanup
WSAStartup
freeaddrinfo
getaddrinfo
gethostname

Exports

Exports

ExitDll
GetPluginFactory
InitDll

Sections

__wibu00
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu01
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu02
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu03
Size: 98KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu04
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu05
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu06
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu07
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu08
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

__wibu09
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu0a
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu0b
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu0c
Size: 56KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu0d
Size: 242KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d4f92ee8bd50e92d7ca2bf8158c9b7bb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

advapi32

version

ws2_32

Exports

Exports

Sections

__wibu00 Size: 3.7MB - Virtual size: 3.7MB

__wibu01 Size: 2KB - Virtual size: 2KB

__wibu02 Size: 2.7MB - Virtual size: 2.7MB

__wibu03 Size: 98KB - Virtual size: 108KB

__wibu04 Size: 154KB - Virtual size: 153KB

__wibu05 Size: 512B - Virtual size: 9B

__wibu06 Size: 512B - Virtual size: 52B

__wibu07 Size: 14KB - Virtual size: 13KB

.rsrc Size: 1024B - Virtual size: 1008B

__wibu08 Size: 37KB - Virtual size: 37KB

__wibu09 Size: 1.6MB - Virtual size: 1.6MB

__wibu0a Size: 64KB - Virtual size: 64KB

__wibu0b Size: 8KB - Virtual size: 8KB

__wibu0c Size: 56KB - Virtual size: 76KB

__wibu0d Size: 242KB - Virtual size: 244KB

__wibu00
Size: 3.7MB - Virtual size: 3.7MB

__wibu01
Size: 2KB - Virtual size: 2KB

__wibu02
Size: 2.7MB - Virtual size: 2.7MB

__wibu03
Size: 98KB - Virtual size: 108KB

__wibu04
Size: 154KB - Virtual size: 153KB

__wibu05
Size: 512B - Virtual size: 9B

__wibu06
Size: 512B - Virtual size: 52B

__wibu07
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 1008B

__wibu08
Size: 37KB - Virtual size: 37KB

__wibu09
Size: 1.6MB - Virtual size: 1.6MB

__wibu0a
Size: 64KB - Virtual size: 64KB

__wibu0b
Size: 8KB - Virtual size: 8KB

__wibu0c
Size: 56KB - Virtual size: 76KB

__wibu0d
Size: 242KB - Virtual size: 244KB