61b6797c183e1c30fa0e841d1c80d6a55e5e876c12c700fbbc7aa33469247f55

Sharing

Copy URL Twitter E-mail

General

Target

61b6797c183e1c30fa0e841d1c80d6a55e5e876c12c700fbbc7aa33469247f55
Size

1.1MB
MD5

f7df68a3a4e05382285d665b6305431f
SHA1

baa3d6612d325435e936cf371f9f18f1e9f8b3fa
SHA256

61b6797c183e1c30fa0e841d1c80d6a55e5e876c12c700fbbc7aa33469247f55
SHA512

1887a942c08ede9e78fd447cd7a8f251ab83a2144f5f53a7c9ab726591d0356c1913887ac33846cd0e5b7613c687ff00d40eca9b9d1005eed64c67e856dd0c9e
SSDEEP

24576:swYoHNNDyZ+RvtzmrUMkVb6qzjHjEgW+jsS+Rb1:sLCNDtzzjD9Wl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61b6797c183e1c30fa0e841d1c80d6a55e5e876c12c700fbbc7aa33469247f55

Files

61b6797c183e1c30fa0e841d1c80d6a55e5e876c12c700fbbc7aa33469247f55
.dll windows:5 windows x64 arch:x64

25432a5616064200ab34d9b7012d94e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

wininet

InternetGetConnectedState

shell32

ShellExecuteA
SHGetFolderPathA

user32

WindowFromPoint
SetWindowLongA
SetWindowTextA
LoadCursorA
RegisterClassA
CreateWindowExA
UnregisterClassA
BeginPaint
EndPaint
GetParent
SetWindowPos
GetWindowLongA
CallWindowProcA
SetWindowLongPtrA
SetTimer
GetWindowLongPtrA
SendMessageA
InvalidateRect
GetClientRect
MapWindowPoints
ValidateRect
UpdateWindow
GetCursorPos
DrawTextA
DrawTextW
ScreenToClient
GetUpdateRect
TrackMouseEvent
GetCapture
SetCapture
ReleaseCapture
GetWindowRect
DefWindowProcA
GetKeyState
SetFocus
MessageBoxA
DestroyWindow

gdi32

GetTextMetricsA
SetTextColor
SetBkMode
SetBkColor
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
BitBlt
CreateFontA

comdlg32

GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

kernel32

CreateFileW
GetProcessHeap
SetEndOfFile
LockResource
WriteConsoleW
CompareStringW
CreateFileA
FlushFileBuffers
SetStdHandle
LoadLibraryW
LCMapStringW
GetTimeZoneInformation
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
ReadFile
MultiByteToWideChar
SetEnvironmentVariableA
GetStringTypeW
LoadResource
SizeofResource
HeapDestroy
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
Sleep
CloseHandle
WaitForSingleObject
GetLastError
CreateDirectoryA
CreateThread
GetModuleFileNameA
GetCurrentProcessId
HeapFree
HeapAlloc
HeapReAlloc
DecodePointer
EncodePointer
RtlLookupFunctionEntry
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
HeapSetInformation
GetVersion
HeapCreate
FindResourceA
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
GetStartupInfoW
FlsGetValue
FlsFree
SetLastError
FlsAlloc
RaiseException
RtlPcToFileHeader
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetFilePointer

advapi32

RegOpenKeyA
RegCloseKey

Exports

Exports

VSTPluginMain
main

Sections

.text
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 579KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25432a5616064200ab34d9b7012d94e8

Headers

DLL Characteristics

File Characteristics

Imports

wininet

shell32

user32

gdi32

comdlg32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 363KB - Virtual size: 363KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 12KB - Virtual size: 406KB

.pdata Size: 18KB - Virtual size: 17KB

text Size: 8KB - Virtual size: 8KB

data Size: 18KB - Virtual size: 18KB

.rsrc Size: 579KB - Virtual size: 578KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 363KB - Virtual size: 363KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 12KB - Virtual size: 406KB

.pdata
Size: 18KB - Virtual size: 17KB

text
Size: 8KB - Virtual size: 8KB

data
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 579KB - Virtual size: 578KB

.reloc
Size: 7KB - Virtual size: 6KB