ea0c7ef16359a0f1b5392dc6e856cf99bb244df68ce058293a7515f405a03def

Sharing

Copy URL Twitter E-mail

General

Target

ea0c7ef16359a0f1b5392dc6e856cf99bb244df68ce058293a7515f405a03def
Size

268KB
MD5

a69d1a9d5b23c3e25e0132bafb456c00
SHA1

a81a135c9cfee8dc166fad17f706444bea44a357
SHA256

ea0c7ef16359a0f1b5392dc6e856cf99bb244df68ce058293a7515f405a03def
SHA512

7d091d215fe8ea61eb4605645016bf8ad68dfb8e3c86cee3814651d36153b4ee68e5a68258a66dff4acd5437696e926feb6287fb5edef12d61e1186c80517f5c
SSDEEP

6144:qc9MJG1ETKAI1c7tzkAyoT8uR4xnZN6zvpFg/GZOUNCZmTJRrtw/5rY8WB+On:tWJKiwcJzkAyoTBR4XwjmGz02J173BT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea0c7ef16359a0f1b5392dc6e856cf99bb244df68ce058293a7515f405a03def

Files

ea0c7ef16359a0f1b5392dc6e856cf99bb244df68ce058293a7515f405a03def
.dll windows:4 windows x64 arch:x64

e4d9598413cb1caa68450f381ff6e750

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\mhc\jmde\Release64\plugins\fx\reaverbate.pdb

Imports

kernel32

CreateFileA
CloseHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FormatMessageA
LoadLibraryA
GetThreadLocale
RtlLookupFunctionEntry
RtlUnwindEx
GetLastError
HeapFree
HeapReAlloc
HeapAlloc
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
GetProcessHeap
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsFree
SetLastError
RaiseException
RtlPcToFileHeader
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
HeapSetInformation
HeapCreate
HeapDestroy
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlVirtualUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

GetClassNameA
BeginPaint
GetWindow
IsWindowVisible
GetWindowRect
ScreenToClient
GetWindowLongA
GetSysColor
EndPaint
SetWindowLongPtrA
GetWindowLongPtrA
GetDlgItem
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
IsDlgButtonChecked
GetFocus
GetDlgItemTextA
CheckDlgButton
SetWindowLongA
SetTimer
ShowWindow
DialogBoxParamA
CreateDialogParamA
DestroyWindow
GetClientRect

gdi32

RectInRegion
CombineRgn
DeleteObject
CreateSolidBrush
FillRgn
CreateRectRgnIndirect

Exports

Exports

VSTPluginMain

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4d9598413cb1caa68450f381ff6e750

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 10KB - Virtual size: 20KB

.pdata Size: 5KB - Virtual size: 5KB

.data1 Size: 1KB - Virtual size: 1KB

.trace Size: 9KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 10KB - Virtual size: 20KB

.pdata
Size: 5KB - Virtual size: 5KB

.data1
Size: 1KB - Virtual size: 1KB

.trace
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB